ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

• https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qs7nzr&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1702268307&fvip=3&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRQIgdAc5-LV1IGux8xiDbTgRfZdOaebYBNN0hicY4HGcEb4CIQCnW7PBZLDsJePCEnu4p7qJ4zGAykOGENhUP9FFxYv63A%3D%3D HTTP 302
• https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:1010:3:1011:bdef:e85c:e6d3&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJS5kwUwEBUz7hc455huWhE2WyyDvI6-d6vIkxjHJKOpAiAPh61j8BPJ57OMeTaGvFOAzGwa8k1_R0K284vZ37tCbw%3D%3D

Request Chain 76

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=1VWaonxHeGpXVSttREhWblI0K0h5VzE4NXF4U3lvaHdjUEU2aVNaSWRrS2orckprUTdGMDdVbzFXNFFRWE02djU0STM0dEkwdXdzclVOOVlnZnRIOUF6dnhnbEZFYWk2MS92N3NzSUd2d3JrRmp1VzFZZmVyM3pHNmNuRnpLMGRZUUR2R3JBN1ZrUWY2eXZRWjRGSVNtdmxvMWhzOWxjQkdnVTJsTHZ0RE1waUxaSWtoN3lNM3BuN0lnM2wzWndwRUk1My9jMUROWENEdmJpMkhTeFBRUk5xWmVLbytHVTdFSkE5K2FHRWZ0SVFwR1NCeCtMS25RWFVqTFJlSDB5TXA2TG5FL2haRmdXNE94TjNOUk1RNzNyMHQ2Zz09fA&cppv=2

Request Chain 95

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk57T4QEQ4QEY4QEyCOqNrdsqEJ6G HTTP 301
• https://tpc.googlesyndication.com/simgad/149948325527134548

Request Chain 104

• https://securepubads.g.doubleclick.net/pagead/adview?ai=C9d8jHLh2ZayjOcG89u8Pj96qiAXzmf-LdOfn0drmEcHfr7_0PhABIJ3CrWlglQKgAZapgf8CyAEJqQJiLYh_9w6yPuACAKgDAcgDywSqBO0BT9CWhpdfCVcNEC-E4JsIgVG_SEoxdtCsvNlamQLVG8wQD4Zw6NFaSdDrlXKicWIaFPw42C7x_T5ou7DFfOjBFRiHvYXSWMtEaCe1wO2n-NRDxeFY6spAUsj3s1OH3nALl5lqRkDRGuuI3jA_cquA-df62-UVD7bT-EC-2zQ6t08IfO5sxEHNqzKky-a_l6zcLwc0YOpaeit0Qd-N8KpEf4N0oqNoMUtYYWOZlWKS7-6oQGGNyco1E9-d_zWQ-Hm8Q9Jr4-10Dunpgu2HDPnXWZJAvHmfzFoiQRBQmuLQMpNjUB7En-Ny0TlHrG15wATDwYjLtgTgBAGIBfO4zfBLkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5Cq6n-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQi6kP0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliR9dyW7IaDA5oJHmh0dHBzOi8vd3d3LnN0b2ZmZS1oZW1tZXJzLmRlL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLiDRMIgKfdluyGgwMVQZ79Bx0PrwpR2BML0BUBmBYBgBcBshceChwIABIUcHViLTgyNzg0MTY5MzkzNzc4OTYY0q5t&sigh=1h2sQl4hF0M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNVHzLrJ_TzLt9sRAeveQG1VIzQvR2xZPpMvqtn-_kL08Hzb5zdcHa1Y9VV0ekzsIkYWk4HMe3Yk1oiDV7DfA-YxTg_BGa9LZK6BgB&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210584449529732261482%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210350410586082257233%22}&andc=true

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request tJ9p6N9 Show response ibb.co/	21 KB 6 KB	578ms 133ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash b75df69639eff2ef0698ff88d8325d5e08822cd91300140fe6172d498e7ba796 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 07:19:55 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	84ms 31ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 05:29:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 07:19:56 GMT
GET H2	200	ibb.css simgbb.com/2801/	115 KB 26 KB	81ms 28ms	Stylesheet text/css	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.css Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Dec 2023 12:35:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6873 etag W/"65745f1d-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL9XwA9BjyePBsXSa%2BOSJER2Capx46EX8iBIvJQsH1PMp0xhnLAhacBqkVGfP9STUyXnM6Qii43FUasfU8Cqqs8BG7DQZ2NnC4rKAJrL4XJg6x13qJ6QPqgnDp2K7HUQvWcg3BeYSGnh"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 833bf64f0c419b98-FRA alt-svc h3=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	79ms 28ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-id fr5-hw-edge-gc16 date Mon, 11 Dec 2023 07:19:56 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id E2VXBJEH1WS6ESSV age 3703 x-cached-since 2023-11-29T23:46:52+00:00 x-id-fe fr5-hw-edge-gc16 alt-svc h3=":443"; ma=86400 x-amz-id-2 SYIk104Ig5yFREFuZg2KYJDuQZ/J1NyFgVJ1pZIsBYUQxWPUur4f6nj5686tDnnweRZywFdw1C6adZ4VCsVrHA== last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y15WcjsvJG4Vu1QwarfW5pVzNTzlSNOdt7FeUqAWl82mV%2FnpL9sxJ8YaHLXGV2DRSWvAVplSF59oKBJJAsBAMTJ%2FkaROCy9if12HDhqZ7%2BWPKJQgGaDNCnxd%2F9rRZ1qyyxswHojNgEodGOR3xb5PuvCno9bWUXSevg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache STALE cf-ray 833bf64f9b88bb77-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	573 KB 147 KB	100ms 47ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da11fea14aa373ea068726762d9842ac4129e659d436ae4f34b71db803046e3b Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 635 cf-polished origSize=586945 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-12-07T22:46:21 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf64f9adfbb8f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	53ms 53ms	Image image/png	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT last-modified Sat, 09 Dec 2023 12:35:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6727 etag "65745f1d-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxZBIHX8OTvfCZvbIHxd%2Fx1S%2FsynJddtOWjkvAoctO872vS9%2BMRwP5%2B5RKifx2eQ%2FMtXlN6o37YE7dfjxJjATdb1UQL0SydC1HSMArd60Vdt0GmOy7C0NFngcYJsPgLzQYLmCKBNgYm8"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 833bf64f4c7f9b98-FRA alt-svc h3=":443"; ma=86400 content-length 938
GET H2	200	IMG-0178.jpg i.ibb.co/nLFMyVF/	111 KB 112 KB	85ms 27ms	Image image/jpeg	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/nLFMyVF/IMG-0178.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 5b96a92ff3275e3a61f33a0b49a620b5fe1dd76f960d71abff8637a2048fecbe Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT last-modified Mon, 04 Dec 2023 06:21:24 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 114129 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	98ms 38ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cache-control no-cache x-ud-id lJcfO/yIA server unknown x-cache-status R-EXPIRED content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/2801/	114 KB 41 KB	33ms 32ms	Script application/javascript	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Dec 2023 12:35:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5982 etag W/"65745f1d-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn8kg2CgeODXAIv77cCo8yi918tCC7Jhb0dTSby77RciFFTXkfAIle3ZvXghyd1H%2FBMLP0Xe5d46Ke2BiXOlzR1Hjsrbc71JV%2FhelWa%2FSK%2BnqqSLedElHYe8qrxA9qucv4z84Gxpxml%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 833bf64f4c809b98-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/2801/	215 KB 62 KB	35ms 35ms	Script application/javascript	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.js Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Dec 2023 12:35:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6797 etag W/"65745f1d-35a95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6c5Je5qSkLH%2FEu2X%2FmMgGphGn0bE7WguKDs%2F9IE0VeY%2FPzaS%2FXI%2FUG6zbQU6KzSjAIMRJ%2FAaVA05cqxHyIFib7VdDzuy%2B0bov50Lg%2BiXMcoxzukRiHpTtNb0coaTQOa3%2B%2FkXIRS5%2BnPy"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 833bf64f4c829b98-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 2DCE	28 KB 7 KB	199ms 139ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash d7d6b6d0cecbfc74dbeb4b876222ba95b409935ac3e31f87a62f333fb9b7645c Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=300, public content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 07:19:56 GMT server unknown vary Accept-Encoding x-cache-status R-MISS x-ud-id UzRpY/Khf
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	345ms 118ms	Font font/woff2	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/2801/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/2801/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4818 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Sat, 09 Dec 2023 12:35:41 GMT server cloudflare etag "65745f1d-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiffgfppcMDJ6uWagCqLtw4U43yqxm5j%2FQQlDbXRFiBynz9Lx%2BVsPCikIA6OWDqxvTluILDqrRLLtMATvUTWvLr77jAPBAmCJAUUXEdAm7bql91iNwF3DkSadV94B9YCgVSbJZZ2m6NJ"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 833bf650fe0b9c7f-IAD
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	63ms 18ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 04:32:10 GMT x-content-type-options nosniff age 182866 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Dec 2024 04:32:10 GMT
GET H2	200	IMG-0178.jpg i.ibb.co/kSt2Trt/	238 KB 239 KB	26ms 26ms	Image image/jpeg	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/kSt2Trt/IMG-0178.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 767bd8ded324950fcf37324acab67f9bcc8d299f3482a3352860667b7ef975d8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT last-modified Mon, 04 Dec 2023 06:21:24 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 243848 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 414 B	83ms 36ms	Script application/javascript	2606:4700:1::6813:854c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 833bf6504f9d2be2-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 357 B	207ms 165ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d7e8de674f8d083eaa5c822b7c51aa055767dd7673e8e4f33bb9a5fd053f16 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf650882b0472-FRA content-length 42 alt-svc h3=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	di.min-v715370.js Show response pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame 2DCE	3 KB 2 KB	98ms 21ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v715370.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-cdn-node defra date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip last-modified Fri, 08 Dec 2023 10:38:18 GMT server unknown etag W/"6572f21a-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	advertisement-v715370.js Show response pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame 2DCE	21 B 277 B	97ms 20ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v715370.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-cdn-node defra date Mon, 11 Dec 2023 07:19:56 GMT last-modified Fri, 08 Dec 2023 10:38:18 GMT server unknown etag "6572f21a-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 21 expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	cifra-v715370.css pt-static3.awepsljan.com/npe/cifra/styles/ Frame 2DCE	18 KB 4 KB	101ms 25ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static3.awepsljan.com/npe/cifra/styles/cifra-v715370.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 089eb8245e3b54ba7ec782bf62126667c21b7d050e5fe8a50c3c221969eed9fd Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-cdn-node defra date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip last-modified Fri, 08 Dec 2023 10:38:19 GMT server unknown etag W/"6572f21b-4645" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=1209600 expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	cifrafk-v715370.js Show response pt-static1.awepsljan.com/npe/cifra/script/ Frame 2DCE	324 KB 116 KB	113ms 37ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/cifra/script/cifrafk-v715370.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-cdn-node defra date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip last-modified Fri, 08 Dec 2023 10:38:19 GMT server unknown etag W/"6572f21b-50e9f" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 2DCE	230 KB 77 KB	75ms 28ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b773e12933df37e3499d5ce2e1e43125f6b8629ad215edd30842da319464142f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78670 x-xss-protection 0 last-modified Mon, 11 Dec 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 Dec 2023 07:19:56 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1702270984/	13 B 265 B	161ms 160ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1702270984/vl.json?page_url=https%3A%2F%2Fibb.co%2FtJ9p6N9 Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 06:23:14 GMT server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf651c99d0472-FRA content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1702270984/	44 KB 5 KB	28ms 28ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1702270984/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6873b6283618b5566d46946a8346018f75834560e07c6c041fd35c5482aac982 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT last-modified Mon, 11 Dec 2023 05:03:29 GMT server cloudflare age 8109 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf651c99f0472-FRA alt-svc h3=":443"; ma=86400
GET H2	200	3e550c0fe6f32b1d1e5377b6cd35d399_glamour_460x345.jpg galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 2DCE	19 KB 19 KB	125ms 53ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/3e550c0fe6f32b1d1e5377b6cd35d399_glamour_460x345.jpg?cno=ab8b Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 0025ee230b186cf9d87269bb59f59dea577de89dcd1026aeb3b7c6b5d6e8e1c7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 19348 x-cdn-node defra last-modified Sun, 24 Sep 2023 11:13:52 GMT server unknown etag "43d7cf5032e9336cdf8ee87fc0ac8f66" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	fc1380d12987ed36625154a06902153c_glamour_460x345.jpg galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/ Frame 2DCE	37 KB 38 KB	109ms 37ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/fc1380d12987ed36625154a06902153c_glamour_460x345.jpg?cno=0a7f Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash bbddc8c85acc0c0a54bf4d2839173552bc6daf6cfc043d1c583a404d65dc6f74 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 38338 x-cdn-node defra last-modified Wed, 06 Dec 2023 04:03:20 GMT server unknown etag "a18c5e5534c82a5c6808021b023775d7" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	0321a269faef1d9a58dd31a7ed307fcd_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/ Frame 2DCE	15 KB 15 KB	63ms 21ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/0321a269faef1d9a58dd31a7ed307fcd_glamour_460x345.jpg?cno=2243 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 6936d5791882231063305d3d2afd3dc7c57569c0221dbb897511375899a28ace Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 15510 x-cdn-node defra last-modified Wed, 13 Apr 2022 09:40:23 GMT server unknown etag "f2250a974f35a476e6a3ecd829402baf" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	ca07f1a0c7c226c1844087e9535dae44_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame 2DCE	24 KB 24 KB	187ms 24ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1c/ca07f1a0c7c226c1844087e9535dae44_glamour_460x345.jpg?cno=6519 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 01a43badd979df23ab0c3f22b0626fceb730af6f13341e01f55975de4920d1fe Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 24560 x-cdn-node defra last-modified Tue, 28 Nov 2023 06:51:35 GMT server unknown etag "dda75d836ddf562091e8593a317695f9" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Mon, 25 Dec 2023 07:19:56 GMT
GET H2	200	prebid-8.21.0.js Show response assets.vlitag.com/prebid/default/	615 KB 187 KB	53ms 43ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-8.21.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 03 Nov 2023 08:25:02 GMT server cloudflare age 1055486 cf-polished origSize=630565 etag W/"6544ae5e-99f25" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 833bf6521d66bb8f-FRA alt-svc h3=":443"; ma=86400 expires Sat, 11 Nov 2023 09:19:28 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	92 KB 30 KB	129ms 69ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 92a49b46ac71aefd36697cc63c5b31dc51f15677aa1a5e52a1cd5b0c06e9c144 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30052 x-xss-protection 0 server cafe etag 623 / 19702 / m202312040101 / config-hash: 18041799505519846586 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 11 Dec 2023 07:19:56 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	367 KB 126 KB	96ms 52ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128901 x-xss-protection 0 expires Mon, 11 Dec 2023 07:19:56 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	40ms 32ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br cf-cache-status HIT last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare age 93830 etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 833bf6521d65bb8f-FRA alt-svc h3=":443"; ma=86400 expires Thu, 09 Nov 2023 16:40:48 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	270 KB 66 KB	133ms 22ms	Script application/javascript	13.32.22.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.22.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-22-213.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 06:50:31 GMT content-encoding gzip via 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront) last-modified Tue, 05 Dec 2023 22:47:11 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-C2 age 1766 x-amz-server-side-encryption AES256 etag W/"aaba284d2b2910b9a4f56befae1e2e69" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id T5eN1ONcnJ_iYxFGjhcX_9u9GCXgzyGSNucw3JAwX2nKorkDwCZpTg==
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 2DCE	52 KB 21 KB	63ms 18ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 11 Dec 2023 05:48:19 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5497 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 11 Dec 2023 07:48:19 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 2DCE	234 KB 81 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 22e13559dbe6a993bcacc2c3a12853c9e9d083162cbb48e7e4fe4f34ce84b565 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83280 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 11 Dec 2023 07:19:56 GMT
GET H2	200	A5Q.gif pt.protoawe.com/XUqCy/ Frame 2DCE	43 B 295 B	23ms 23ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/XUqCy/A5Q.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=0 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Mon, 11 Dec 2023 07:19:55 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/	432 KB 135 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 15:57:30 GMT content-encoding br x-content-type-options nosniff age 55346 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138293 x-xss-protection 0 server cafe etag 11350998454379829730 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 09 Dec 2024 15:57:30 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	65ms 21ms	XHR application/javascript	13.32.22.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.22.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-22-213.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront) date Mon, 11 Dec 2023 07:02:28 GMT x-amz-cf-pop FRA56-C2 age 9789 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id KRkXnk2ZuE1ZjWLg4ztMg8AhRvpIru8tyH0J0WZvfogLPwpP3hjlvw==
GET H2	200	9cf0c4f1-7630-476b-9141-f4472e005192 Show response config.aps.amazon-adsystem.com/configs/	537 B 802 B	71ms 20ms	Script application/javascript	99.86.4.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-39.fra6.r.cloudfront.net Software CloudFront / Resource Hash 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 06:38:26 GMT via 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 2490 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id hys1kRY5o0rV4w6QGOs3BzxAjGXVyQjIIQcAekAEGUO-ANVjed0Ruw==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 305 B	20ms 20ms	XHR text/plain	13.32.22.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.22.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-22-213.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 03:52:49 GMT via 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C2 age 12427 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id fndAMqGLDSHCDC54yH0lvmFDKTo-kO-_dUN5UGRnAzcMLWUpHzYJIw==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	66ms 26ms	Fetch application/json	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231211 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 content-type text/plain Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11944 x-jsd-version 1.0.1900 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230073-FRA x-jsd-version-type version server cloudflare etag W/"636-0aixPJ+F9iGhoT5ok/tLvIFCVz0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEWRiUOphDhHVsBAjSYZuNwOWYErc3DxJi2CXAdVamPB86nDM%2BkFNfI22TJoFXxeiVM3D3KFFtAspNfUnz%2BOH0ZZYL%2Bo7Orxva0WzDa3Vh14w%2BDfo3pg%2B0eEU9YjfCb9Ic%2FuBZdsYDbYYfnefhU%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 833bf65389a05c20-FRA
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	103ms 58ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FtJ9p6N9&pid=mtEmcojGO21aW&cb=0&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid 7SHB1B3KMPA4GNW6ZMFW vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id JnvSaHGmzn4UmlB45b9Mue1CnhvFaEZyAo8ZGEVS89IH1kxC1LYfbg==
GET H2	200	tf-v1.jpeg px.vliplatform.com/	0 272 B	198ms 148ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwABeqPMq-KPZr-PKaM-aeMa-TYYwMBqZtyrKRzyzNhqut_cotvRws0NA Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe7WCkoLA01bi3DOm%2Fg3G9V9lCgMbg3iBbbLn%2BqAk2AWzPItSwGHZMBRRltqWWIp2MwCgaxhe7g%2B6nhGt9uHXPQLni48txkqY3poVFZy%2Fuw7MIm0CO9RqH5rDorUDedG8Mz%2FFg6PZJzG3acJLLAmcw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4990ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 270 B	199ms 148ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTteMePrT-YwAB-Ptyq-qwYK-aBMUaeBKZaBqRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRaqqFbVZUowR%2Bf2Ztc%2B0sd9curekxzjSNADWzO2gl73rxag1gauuQxBm5EI3cF0ccHLw%2B1YKxUK8YnqNfouLvtI5AZGsSojDZQuHNPqKg0BUBm3Ia07xiuX80ZD%2BgK8Pj3tTUR6MGzbV6qIxhXa3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4190ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 274 B	200ms 150ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUytMwtwP-rqBP-PMtw-qPaT-UUBBaPZPqqtPRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZE99wW0lNUNI4Ue2KK%2FSsU6T8izl%2Bi%2B0qp9BUJg95ONSZ7hKp0kFYmuidvhlWgQEAaeXjcWEU0GFwJ%2FGi60eCutcQAKc4tqugI7%2BRW6xR5BeQKkriYkUr1%2Bt1oLtqzRd%2FlmzdcWbHNgZZYxc4cPNA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4390ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	110ms 69ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FtJ9p6N9&pid=mtEmcojGO21aW&cb=1&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid HHH9D35P04997TEWT3FW vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id w96bAds-ayicKMYN_THtBJXDOXUEnPoUD65nDlYYVW9NIWPgszw9Yg==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 529 B	192ms 146ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKeUAYrtM-qePB-PtMB-MMwy-ttywwqZaarTPRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g85zOJypXlM9oePI1NRlyN7BNvgyFcCSuLz%2FLMWu7MAlHR2EBOWO4CCs8RtLRy%2BzO037UVTF05p4P%2BNBKyqPs92%2Bjd81eSYfijmoZCzeblcsGlV0WPREYtJFEZi2XUJEa%2BY8fO7U%2F6Ah1TpqSbmzIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4690ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	95ms 56ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FtJ9p6N9&pid=mtEmcojGO21aW&cb=2&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid T9Q4YHBYJADCVEH4CCQ3 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id cDD_djt67xiIdgZf4UfhEAEAOS0vNSfS-LuHa82kfQaRSwUNkM_t6g==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 272 B	193ms 149ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNtPBrKqPT-BPwt-PUUT-MaKq-PwtUTTMKaYUtRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meqyU%2F8Jyr89CaG%2Fnvs8M5%2Bj%2FYSSm%2BWznTUnvcgd8l7DzVMcBMu2UxZoXUw1taZUhK3cIiGs9bQZNe48aX7YaWsoSv%2FyIoZr7iqBAMsg1OTy8Xrt2vaGG9B3QkJhc0qyn29ty4OzOvjDnQHG1t374g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4590ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 267 B	193ms 149ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeTeUBerM-KryZ-PrUT-qYZM-YeyZPAKwyqMARdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E51Xemg6cVw50lfn2%2BnKZ8NtlDsroHKzBasCA8WOWqcpFdB8HwkhyvSSyB1LDWnaLOcqo34fqyy5lKFyM4AiBx8LoPGHfqX3rV9F1B2iy9Sx7Z2lj22RpFn4KESRXPl6hgg%2FBt3xOsk4iJ1W8bNQtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4890ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_legacy%252Fbi... Show response aax.amazon-adsystem.com/x/px/p/PH/	43 B 415 B	89ms 49ms	Fetch image/gif	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22_legacy%252FbidRequest%252Fmonitor%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fibb.co%252FtJ9p6N9%22%2C%22lv%22%3A%2223.1129.2055%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/tJ9p6N9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid 66ZS726YX0NHS15PXYKE vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type image/gif cache-control no-cache content-length 43 x-amz-cf-id FnS3PaAMvvre9ep_RHpD0hKaj8yxL3_pTvJbw-eYbZh7sg4hVtmvuA==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	92ms 67ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FtJ9p6N9&pid=mtEmcojGO21aW&cb=3&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid NK4APNWANNYM5ZBQK673 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id qI-bu6NFlORSbAlrHv8err8wTgIuq_56osAG7_JL7lmMx4WSliYn1Q==
GET H2	200	1679645040.png assets.vlitag.com/widget/2023/03/24/	98 KB 99 KB	28ms 26ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2023/03/24/1679645040.png Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 2420104 cf-polished origFmt=png, origSize=323185 content-disposition inline; filename="1679645040.webp" alt-svc h3=":443"; ma=86400 content-length 100856 cf-bgj imgq:85,h2pri last-modified Fri, 24 Mar 2023 08:04:00 GMT server cloudflare etag "641d5970-4ee71" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6537ef2bb8f-FRA expires Fri, 10 Nov 2023 20:08:44 GMT
GET H2	200	1648753545.jpg assets.vlitag.com/widget/2022/03/31/	97 KB 97 KB	30ms 29ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 2438584 cf-polished qual=85, origFmt=jpeg, origSize=133932 content-disposition inline; filename="1648753545.webp" alt-svc h3=":443"; ma=86400 content-length 99048 cf-bgj imgq:85,h2pri last-modified Thu, 31 Mar 2022 19:05:45 GMT server cloudflare etag "6245fb89-20b2c" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6537ef4bb8f-FRA expires Sat, 11 Nov 2023 11:16:32 GMT
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	170 KB 171 KB	36ms 35ms	Image image/jpeg	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 873507 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 174276 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6538ef5bb8f-FRA expires Thu, 30 Nov 2023 13:45:51 GMT
GET H2	200	1592801729.jpg assets.vlitag.com/widget/2020/06/22/	74 KB 74 KB	36ms 35ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 878846 cf-polished qual=85, origFmt=jpeg, origSize=103053 content-disposition inline; filename="1592801729.webp" alt-svc h3=":443"; ma=86400 content-length 75514 cf-bgj imgq:85,h2pri last-modified Mon, 22 Jun 2020 04:55:29 GMT server cloudflare etag "5ef039c1-1928d" vary Accept access-control-allow-methods GET, POST, OPTIONS content-type image/webp access-control-allow-origin * cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6538ef7bb8f-FRA expires Tue, 28 Nov 2023 14:54:15 GMT
GET H2	200	1572962870.jpg assets.vlitag.com/widget/2019/11/05/	107 KB 107 KB	33ms 32ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 2525503 cf-polished qual=85, origFmt=jpeg, origSize=151033 content-disposition inline; filename="1572962870.webp" alt-svc h3=":443"; ma=86400 content-length 109336 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:50 GMT server cloudflare etag "5dc18236-24df9" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6538ef8bb8f-FRA expires Thu, 02 Nov 2023 12:03:01 GMT
GET H2	200	1596163502.jpg assets.vlitag.com/widget/2020/07/30/	104 KB 105 KB	35ms 34ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status HIT age 952585 cf-polished qual=85, origFmt=jpeg, origSize=140376 content-disposition inline; filename="1596163502.webp" alt-svc h3=":443"; ma=86400 content-length 106784 cf-bgj imgq:85,h2pri last-modified Fri, 31 Jul 2020 02:45:02 GMT server cloudflare etag "5f2385ae-22458" vary Accept access-control-allow-methods GET, POST, OPTIONS content-type image/webp access-control-allow-origin * cache-control max-age=16070400 accept-ranges bytes cf-ray 833bf6538ef9bb8f-FRA expires Tue, 28 Nov 2023 15:20:24 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 270 B	258ms 258ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKwPAwYqe-MTBe-PeBY-werw-tZPMyyPaTYaZRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIsu%2BpjC%2F7n09OCA94WWZZj0oWQGPIeSG0UWziEXlZkwRqFlDL5X6Rby4aBofw5PBLz6VcwcFMpkMCtYLkQaSOjeJl3LdnDNOCx7ERPdIhz2w1W3ardKvCC%2FJPV231Ix5Z1xdQAPifAqbaoFt4sW7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf653ab4a90ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H3	206	videoplayback r5---sn-4g5edndk.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y https://redirector.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=... https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requi...	233 KB 0	106ms 19ms	Media video/mp4	2a00:1450:4001:23::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:1010:3:1011:bdef:e85c:e6d3&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJS5kwUwEBUz7hc455huWhE2WyyDvI6-d6vIkxjHJKOpAiAPh61j8BPJ57OMeTaGvFOAzGwa8k1_R0K284vZ37tCbw%3D%3D Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H3 Server 2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers client-protocol quic date Mon, 11 Dec 2023 07:19:57 GMT x-content-type-options nosniff last-modified Sat, 03 Jun 2023 08:32:55 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-14185952/14185953 cache-control private, max-age=10973 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 14185953 expires Mon, 11 Dec 2023 07:19:57 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 07:19:57 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:1010:3:1011:bdef:e85c:e6d3&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJS5kwUwEBUz7hc455huWhE2WyyDvI6-d6vIkxjHJKOpAiAPh61j8BPJ57OMeTaGvFOAzGwa8k1_R0K284vZ37tCbw%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1287 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	50ms 27ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 12000 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230065-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKaHQMEDy1r0kdSAdb3QdLRmLDZzIxzJIbX6gxDPS0ZYL1Ef2f6T2I0KllZldghFmPzUEy%2FWbDi8cWXkmjy5H3rCgzRV0dwrydoKxcf2CrQNRp4Oh2JgP5hkogFPf9zbvoI4c7VMO%2BGs8VUPzbM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 833bf654696f4d37-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	152 KB 34 KB	74ms 30ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Dec 2023 12:57:20 GMT server cloudflare x-amz-request-id 4JBNQ826GQ0066W5 age 3027 etag W/"5fcefeebf5ddc7b2ddf2435967e63de9" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 833bf6548f483808-FRA x-amz-id-2 Bx/qQ0sZIexe3FG1L8SReXrsfreKJVUqBtT2F/zhPKkapHFfezMHqsM1QhphryKCCflb5L0Z/DPiYLePuarPiw==
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	43 KB 13 KB	110ms 44ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 05 Dec 2023 05:12:22 GMT server nginx etag W/"656eb136-aa2f" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 12 Dec 2023 07:19:56 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	48 KB 17 KB	334ms 334ms	Fetch text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3130015337572809&correlator=981098694372845&eid=31077976%2C31080080%2C95320408%2C31079239%2C44807747&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&fsapi=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279196826&lmt=1702279196&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FtJ9p6N9&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=236185427.1702279197&ga_sid=1702279197&ga_hid=1891287649&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYmOH8vcUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJjh_L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YmOH8vcUxSABSAghk&dlt=1702279195946&idt=792&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fae227b044826546b6a12d5ebb60f711e6406a6eb63f8736b2f8a504d1bfece0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16923 x-xss-protection 0 google-lineitem-id 5877303303 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377370621 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 265 B	144ms 144ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTAaYrtUw-rtPU-PtMP-aMeK-ByKqZZyttrqeRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoTXCDEg0JO7EM1kQVddShkPDaeiS1u4CTr4ttoUzi%2Fn3yDcWCQV8P9MTKEOZYJAcIaExxkSI3t6fanG3JfeugtsZhj792xAkjXcv1u8al2mEtOnrEd2oeuVivQMyWEy2Vlxn6zUMWkOTqSvIrIaqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf6543baf90ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	container.html Show response 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AB5	6 KB 3 KB	129ms 56ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 07:19:56 GMT expires Tue, 10 Dec 2024 07:19:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/	39 KB 14 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:34 GMT content-encoding br x-content-type-options nosniff age 27382 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13834 x-xss-protection 0 server cafe etag 17155732702192029938 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 09 Dec 2024 23:43:34 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	29 KB 13 KB	333ms 332ms	Fetch text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3130015337572809&correlator=3651972391547196&eid=31077976%2C31080080%2C95320408%2C31079239%2C44807747&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279196840&lmt=1702279196&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FtJ9p6N9&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=236185427.1702279197&ga_sid=1702279197&ga_hid=1891287649&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYmOH8vcUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJjh_L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YmOH8vcUxSABSAghk&dlt=1702279195946&idt=792&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1ba7d10f27d95b3d99b3478b0664b557733673667a08031c5a240ce289411976 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12879 x-xss-protection 0 google-lineitem-id 5877303303 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377370636 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 269 B	141ms 140ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZMTeTwBy-UAAZ-PUMY-MrPU-KTrAaKraqeyURdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:56 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8KLGwnKBHytsquYLLF35Jq95m8%2FkR88%2FYZTH76Op7C1R4uIuT18TE7a6rtmjcP4rR2zoELRWY1ErLi7HhCta1FfXqM%2BtzhtN8W560YRDSAfxTVSG6gIDaqCMGFGmD8cWuw7oaZjJYPDKoVpAlkvQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf6545bb990ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	156 KB 44 KB	799ms 799ms	Fetch text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3130015337572809&correlator=4012447071894729&eid=31077976%2C31080080%2C95320408%2C31079239%2C44807747&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279196899&lmt=1702279196&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FtJ9p6N9&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=236185427.1702279197&ga_sid=1702279197&ga_hid=1891287649&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcY0uH8vcUxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJjh_L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YmOH8vcUxSABSAghk&dlt=1702279195946&idt=792&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a821d29f784713733cddc87b992f1e3a0ccb33b2b3ba534f2fcaa17b9de3fc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45405 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 316 B	144ms 144ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNetYeUUyT-TMZt-PwZM-wUYe-wZKAUYtUMtyeRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWflBWzQCA9u716d3iWmPpwDoBxf5BL91P8YoJz%2FsSnZW3uEtyR1PLMgRmmxO7twfgzJWxQzvhuDhol%2BCZ2Up5dstM3EcP9Gi%2FmE1eEdE9aFIjgulKIlphS8hV3%2BfqJG1foKYN4XP2vBKfYVHocw2g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf654abf990ec-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	204	increment Show response id5-sync.com/api/esp/	0 222 B	70ms 21ms	XHR text/plain	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ibb.co date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	syncframe Show response gum.criteo.com/ Frame EC15	15 KB 6 KB	338ms 40ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 07:19:56 GMT server Kestrel server-processing-duration-in-ticks 305073 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET		container.html 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 463F	0 0
GET		container.html 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5C6	0 0
GET H2	200	adtag.js Show response dsp.vlitag.com/js/v1/ Frame 2F72	102 KB 26 KB	40ms 30ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dsp.vlitag.com/js/v1/adtag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 247 cf-polished origSize=104022 etag W/"2023-11-17T05:03:23" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=300, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf6569a9fbb8f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	bidding Show response adsystem.pocpoc.io/adv/v1/ Frame 2F72	2 B 585 B	199ms 146ms	XHR application/json	2606:4700:20::681a:ea7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ea7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2 pragma no-cache server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbqIB70YYa%2BEgpUiRPaS3lUglcWQitv2Mk5j1zSY1VI4FHfe%2BoRPRQGJVTq1z4HYd1z2Tx2kQu1aOu55O3Wo0JHkLnzw0BAD3aeccDJYJlhfUk3%2Fba2XM4Esg6bq5xYmCUnm1G5hrQv6ctsWlsbarg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf6573e675d46-FRA expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tfa.jpeg px.pocpoc.io/v1/ Frame 2F72	0 517 B	192ms 143ms	Image image/jpeg	2606:4700:20::ac43:4b40 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNYUtBaaKa-rarP-PYTB-aYeT-BYtAyyBZPAKeRrdNowwGegRzorNcsoT-aPZBYRleNpl Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4b40 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1h0iLY9Wvp9sZDzEii1r5h7IqTPuXQTFxpifoloXn4kbAM0sRtT77hHKF%2F%2BpTRKO8MtE7ZxleDOAVoN3MQXOWBentMwDAjkzWeeuC3d1sgkw%2BryiueuwtWGc7v7Q3wTN3jrvWzxtfVZvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, immutable, max-age=864000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf6572ff918d4-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	sid Show response mug.criteo.com/ Frame EC15 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=1VWaonxHeGpXVSttREhWblI0K0h5VzE4NXF4U3lvaHdjUEU2aVNaSWRrS2orckprUTdGMDdVbzFXNFFRWE02djU0STM0dEkwdXdzclVOOVlnZnRIOUF6dnhnbEZFYWk2MS92N3NzSUd2d3JrRmp1VzFZZmVyM3pHNmNuRn...	438 B 659 B	37ms 37ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=1VWaonxHeGpXVSttREhWblI0K0h5VzE4NXF4U3lvaHdjUEU2aVNaSWRrS2orckprUTdGMDdVbzFXNFFRWE02djU0STM0dEkwdXdzclVOOVlnZnRIOUF6dnhnbEZFYWk2MS92N3NzSUd2d3JrRmp1VzFZZmVyM3pHNmNuRnpLMGRZUUR2R3JBN1ZrUWY2eXZRWjRGSVNtdmxvMWhzOWxjQkdnVTJsTHZ0RE1waUxaSWtoN3lNM3BuN0lnM2wzWndwRUk1My9jMUROWENEdmJpMkhTeFBRUk5xWmVLbytHVTdFSkE5K2FHRWZ0SVFwR1NCeCtMS25RWFVqTFJlSDB5TXA2TG5FL2haRmdXNE94TjNOUk1RNzNyMHQ2Zz09fA&cppv=2 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4b8bbb4d71b79e34eb196442ee2d182b93848078d68c6fc77443a4b6b7857f12 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 07:19:57 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1386236 expires 0 Redirect headers pragma no-cache date Mon, 11 Dec 2023 07:19:56 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=1VWaonxHeGpXVSttREhWblI0K0h5VzE4NXF4U3lvaHdjUEU2aVNaSWRrS2orckprUTdGMDdVbzFXNFFRWE02djU0STM0dEkwdXdzclVOOVlnZnRIOUF6dnhnbEZFYWk2MS92N3NzSUd2d3JrRmp1VzFZZmVyM3pHNmNuRnpLMGRZUUR2R3JBN1ZrUWY2eXZRWjRGSVNtdmxvMWhzOWxjQkdnVTJsTHZ0RE1waUxaSWtoN3lNM3BuN0lnM2wzWndwRUk1My9jMUROWENEdmJpMkhTeFBRUk5xWmVLbytHVTdFSkE5K2FHRWZ0SVFwR1NCeCtMS25RWFVqTFJlSDB5TXA2TG5FL2haRmdXNE94TjNOUk1RNzNyMHQ2Zz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 208701 content-length 0 expires 0
GET H2	200	creative.min.js Show response static.vliplatform.com/plugins/pbnative/ Frame 2F72	36 KB 9 KB	38ms 29ms	Script application/javascript	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06 Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 954235 alt-svc h3=":443"; ma=86400 last-modified Fri, 17 Nov 2023 09:53:08 GMT server cloudflare etag W/"65573804-8ec5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kU%2FKPPXVjYw%2FP%2B1GDKSUyR%2FrBs4BmoyJEUUHCxg5muq6h0qT0C2BDFAtVk0OsHHr41e1jW4boo2ORAKO8d5n4EkBpT51AluLKrRCGpAgcFmssPRgURlCZpx2RYJEVKats1eKFsfFTvTipmBAzxiCS8FXECM%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 833bf6583e0490ec-FRA expires Thu, 30 Nov 2023 06:46:02 GMT
GET H2	200	platforms Show response odb.outbrain.com/utils/ Frame 2F72	4 KB 3 KB	369ms 297ms	XHR application/json	146.75.122.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fibb.co%2FtJ9p6N9&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532 Requested by Host: static.vliplatform.com URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 851c4d7a360640962a55a55a956c9f7b21fa90ba4983f2f5e39d532e1136a257 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-cache-hits 0, 0 date Mon, 11 Dec 2023 07:19:57 GMT content-encoding br via 1.1 varnish, 1.1 varnish traffic-path NYDC1, LGA, FRA, Europe1 x-cache MISS, MISS x-traceid 3eeef30653ce7d418ad09382b456aa8c content-length 2565 x-served-by cache-lga21967-LGA, cache-fra-etou8220113-FRA x-timer S1702279198.587387,VS0,VE267 vary Accept-Encoding, User-Agent content-type application/json; charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true accept-ranges bytes expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	container.html Show response 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7E2	6 KB 3 KB	21ms 20ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 07:19:56 GMT expires Tue, 10 Dec 2024 07:19:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	cc.jpeg px.vliplatform.com/imp-v4/	0 532 B	223ms 223ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeYeZqYAZ-rttT-PMTY-MyqU-PwwtBqZrwZBrRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTVbkTLZsJmg5R%2FqU9Q9p9TVziVYrxm6Q8z2m7eno3S1f9iGVj9gO7%2FlrJA4caUznBbgU4hQ1TQxEAPaGKlcAWnzsTeyKp4p747PBeclMN2UGttTvEvnOa85VyGMmVnmcQoywQyWLHy2%2FeJYc7Fjmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf65a4e6b15c8-SJC content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/ Frame D7E2	4 KB 728 B	29ms 29ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 07:19:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 07:18:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 07:19:57 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D7E2	2 KB 903 B	68ms 23ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:43:32 GMT content-encoding br x-content-type-options nosniff age 41785 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:43:32 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame D7E2	24 KB 9 KB	67ms 23ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 20:42:23 GMT content-encoding br x-content-type-options nosniff age 38254 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 20:42:23 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D7E2	3 KB 1 KB	66ms 22ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 09:21:43 GMT content-encoding br x-content-type-options nosniff age 79094 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 09:21:43 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D7E2	20 KB 9 KB	63ms 19ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 27377 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame D7E2	202 KB 64 KB	122ms 79ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 07:19:57 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame D7E2	37 KB 16 KB	66ms 20ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 20:42:23 GMT content-encoding gzip x-content-type-options nosniff age 124654 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 08 Mar 2024 20:42:23 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame D7E2	16 KB 16 KB	70ms 26ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQuEVG_HjYTMjdUS2psPHCy8vmvJrlf-ihPC4tguCzdPUZH86k3XoDiNT5pPA&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f34b55b0be7a5111fb8c3d796db990e4d58380266933877f02462626e9a997de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:47:43 GMT x-content-type-options nosniff age 27134 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16383 x-xss-protection 0 last-modified Wed, 03 Jan 2024 02:04:56 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Mon, 09 Dec 2024 23:47:43 GMT
GET H2	200	shopping encrypted-tbn1.gstatic.com/ Frame D7E2	15 KB 15 KB	69ms 20ms	Image image/jpeg	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQBosDkPZ4p5BDmbvryxQDdvys8qjFibt2kvTB8285A4hq35LnICnkLH1UrNw&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 792c45522c9f8bd4e4b3dd28f8531dbf65662f70b1585b857a6671b4189fce06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 14:49:06 GMT x-content-type-options nosniff age 145851 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15304 x-xss-protection 0 last-modified Fri, 05 Jan 2024 08:37:30 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sun, 08 Dec 2024 14:49:06 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame D7E2	18 KB 18 KB	67ms 20ms	Image image/jpeg	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRVYoIJgPEU56OLPmb3vpJFV5Y-suzLsrrjjxGr72mvIcb2ly61dROnKSn9QGQ&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 53a7bb3e5dd1f0de6f1dde1491e25499086c1fc58e0f6e37de011c61d32099a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 11:18:05 GMT x-content-type-options nosniff age 158512 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17926 x-xss-protection 0 last-modified Mon, 31 Jul 2023 04:09:28 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sun, 08 Dec 2024 11:18:05 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame D7E2	14 KB 14 KB	98ms 38ms	Image image/jpeg	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVjH5LIRXKgDAqEtGGUCoUIU0XZLNz7W9Aea12vdHu0s_SsJ_h3Z5u80_NUKc&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b6191750405e05bca87e1834edac86e604657dab290e8f40acf86bdf50247404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 21:14:05 GMT x-content-type-options nosniff age 209152 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14488 x-xss-protection 0 last-modified Tue, 06 Feb 2024 03:54:05 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sat, 07 Dec 2024 21:14:05 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame D7E2	23 KB 23 KB	73ms 27ms	Image image/jpeg	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQEZis7xuQ8WpR-tCKvkCbQdUoiqNXukKe8Zvpm2raj9ybBFwTsLnCytILbAg&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c55483fa7c2d8e362f3c6455f7abaec8113ea27c52713953feb667124cb341e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 21:22:25 GMT x-content-type-options nosniff age 208652 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23769 x-xss-protection 0 last-modified Tue, 02 Jan 2024 05:49:09 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sat, 07 Dec 2024 21:22:25 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame D7E2	19 KB 20 KB	63ms 19ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTVKVDDZaoN_VSady1kQkvE54ht2CFvv55Wu9Z3IJke-xU_nc9_mTS-mFJe5LM&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d885e778582f9e0e394a0143c567a8e731e301050eab20967d36ad80b9acc2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:46 GMT x-content-type-options nosniff age 27371 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19484 x-xss-protection 0 last-modified Sun, 16 Apr 2023 09:02:07 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Mon, 09 Dec 2024 23:43:46 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame D7E2	24 KB 24 KB	79ms 20ms	Image image/jpeg	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRPRarhLROnAUeNj8-1eCHzlicKh62BGwB3bUzxwinzOREcMEIHGz9wVMcdwqA&usqp=CAI Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e0cb4d89da27a9a16231484ddc34ea0758828f5a5452a3721b3a7ac12548f6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 05:24:35 GMT x-content-type-options nosniff age 179722 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24519 x-xss-protection 0 last-modified Fri, 16 Dec 2022 17:02:01 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sun, 08 Dec 2024 05:24:35 GMT
GET H2	200	149948325527134548 tpc.googlesyndication.com/simgad/ Frame D7E2 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk57T4QEQ4QEY4QEyCOqNrdsqEJ6G https://tpc.googlesyndication.com/simgad/149948325527134548	30 KB 30 KB	19ms 19ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/149948325527134548 Requested by Host: 6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com URL: https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d13e591fad5d260884e97a194be69a72eac53978157b95a3f3238a7de511af92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:37 GMT x-content-type-options nosniff age 27380 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30553 x-xss-protection 0 last-modified Wed, 06 Jun 2018 16:00:34 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 09 Dec 2024 23:43:37 GMT Redirect headers date Mon, 11 Dec 2023 03:14:08 GMT x-content-type-options nosniff server cafe age 14749 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/149948325527134548 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 10 Jan 2024 03:14:08 GMT
GET DATA	200 OK	truncated / Frame D7E2	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc3a1c555eb3de68361cdc9d9f54555dbac96c831645ca48eb8d69a627210f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ob_logo_16x16.svg widgets.outbrain.com/images/widgetIcons/ Frame 3D95	4 KB 4 KB	111ms 35ms	Image image/svg+xml	23.43.61.58 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.43.61.58 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-43-61-58.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers expires Wed, 10 Jan 2024 07:19:57 GMT date Mon, 11 Dec 2023 07:19:57 GMT last-modified Tue, 05 Dec 2023 07:28:21 GMT server AkamaiNetStorage etag "1415406c6886077dae89bf474cd6c146:1701762093.651712" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 4128 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 3D95	990 B 1 KB	110ms 34ms	Image image/svg+xml	23.43.61.58 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.43.61.58 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-43-61-58.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers expires Wed, 10 Jan 2024 07:19:57 GMT date Mon, 11 Dec 2023 07:19:57 GMT last-modified Tue, 05 Dec 2023 07:28:21 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1701762077.100249" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	eyJpdSI6IjU1NjVlNDI0NGMyNmVmMmFjNzIwOTI5YWJkMzRhNmZmZjIyNzc3ODUwNDMyOTg1Mjk5YjZmNjNhOTRjZGJmOGMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjaCI6LTExMTYyNzc4ODgsImNzIjowLCJmIjo0fQ.webp images.outbrainimg.com/transform/v3/ Frame 3D95	8 KB 8 KB	135ms 40ms	Image image/webp	2.19.100.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1NjVlNDI0NGMyNmVmMmFjNzIwOTI5YWJkMzRhNmZmZjIyNzc3ODUwNDMyOTg1Mjk5YjZmNjNhOTRjZGJmOGMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjaCI6LTExMTYyNzc4ODgsImNzIjowLCJmIjo0fQ.webp Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.100.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-100-22.deploy.static.akamaitechnologies.com Software / Resource Hash 6fc38c01157457d806486235962b6f19d028652e6f409a55ea1baa56a9c8818b Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:57 GMT last-modified Fri, 17 Nov 2023 11:12:13 GMT access-control-allow-methods GET,POST content-type image/webp access-control-allow-origin * cache-control max-age=402739 access-control-allow-credentials false x-traceid 8ad113c6bbff6bad37d4f7eccbe5ad0c timing-allow-origin *, * content-length 8008
GET H/1.1	200 OK	l mcdp-nydc1.outbrain.com/ Frame 2F72	2 B 278 B	458ms 111ms	Image text/plain	64.202.112.127 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://mcdp-nydc1.outbrain.com/l?token=9e231c1cba84b6f19188d309abdfcf12_198067_1702279197806 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 07:19:58 GMT content-encoding br X-TraceId d56868f8cd9b203509446d5d1cdc129e Content-Length 6 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	log-viewability log.outbrainimg.com/loggerServices/ Frame 2F72	4 B 325 B	432ms 107ms	Image application/json	64.202.112.127 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/log-viewability?requestId=9e231c1cba84b6f19188d309abdfcf12&position=0 Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Dec 2023 07:19:58 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId c401eefc08ff19007bb84e61cd5eb1be Content-Length 4 Expires 0
GET H2	200	ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D7E2	21 KB 21 KB	18ms 18ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 17:44:05 GMT x-content-type-options nosniff age 221752 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21428 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:32:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 17:44:05 GMT
OPTIONS H3	204	adview securepubads.g.doubleclick.net/pagead/ Frame	0 0	96ms 55ms	Preflight text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C9d8jHLh2ZayjOcG89u8Pj96qiAXzmf-LdOfn0drmEcHfr7_0PhABIJ3CrWlglQKgAZapgf8CyAEJqQJiLYh_9w6yPuACAKgDAcgDywSqBO0BT9CWhpdfCVcNEC-E4JsIgVG_SEoxdtCsvNlamQLVG8wQD4Zw6NFaSdDrlXKicWIaFPw42C7x_T5ou7DFfOjBFRiHvYXSWMtEaCe1wO2n-NRDxeFY6spAUsj3s1OH3nALl5lqRkDRGuuI3jA_cquA-df62-UVD7bT-EC-2zQ6t08IfO5sxEHNqzKky-a_l6zcLwc0YOpaeit0Qd-N8KpEf4N0oqNoMUtYYWOZlWKS7-6oQGGNyco1E9-d_zWQ-Hm8Q9Jr4-10Dunpgu2HDPnXWZJAvHmfzFoiQRBQmuLQMpNjUB7En-Ny0TlHrG15wATDwYjLtgTgBAGIBfO4zfBLkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5Cq6n-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQi6kP0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliR9dyW7IaDA5oJHmh0dHBzOi8vd3d3LnN0b2ZmZS1oZW1tZXJzLmRlL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLiDRMIgKfdluyGgwMVQZ79Bx0PrwpR2BML0BUBmBYBgBcBshceChwIABIUcHViLTgyNzg0MTY5MzkzNzc4OTYY0q5t&sigh=1h2sQl4hF0M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNVHzLrJ_TzLt9sRAeveQG1VIzQvR2xZPpMvqtn-_kL08Hzb5zdcHa1Y9VV0ekzsIkYWk4HMe3Yk1oiDV7DfA-YxTg_BGa9LZK6BgB&template_id=494&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 07:19:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame D7E2 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=C9d8jHLh2ZayjOcG89u8Pj96qiAXzmf-LdOfn0drmEcHfr7_0PhABIJ3CrWlglQKgAZapgf8CyAEJqQJiLYh_9w6yPuACAKgDAcgDywSqBO0BT9CWhpdfCVcNEC-E4JsIgVG_SEoxdtCs... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210584449529732261482%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_windo...	0 0	96ms 55ms	Fetch text/css	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210584449529732261482%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210350410586082257233%22}&andc=true Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:58 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"10584449529732261482","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"10350410586082257233"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin null p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 11 Dec 2023 07:19:58 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 07:19:58 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10584449529732261482","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"10350410586082257233"}&andc=true access-control-allow-origin https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame 6251	50 KB 20 KB	62ms 18ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:48:29 GMT content-encoding br x-content-type-options nosniff age 27089 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 09 Dec 2024 23:48:29 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	104ms 55ms	Preflight text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210584449529732261482%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210350410586082257233%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin null alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 07:19:58 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cc.jpeg px.vliplatform.com/iv-v4/	0 504 B	220ms 220ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-eYeZqYAZ-rttT-PMTY-MyqU-PwwtBqZrwZBrRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt Requested by Host: ibb.co URL: https://ibb.co/tJ9p6N9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:59 GMT cf-cache-status MISS last-modified Mon, 11 Dec 2023 07:19:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BHaj9ri2MdftOVJtOWfDccThYIjdIqHpZ8D31Jjl5%2FD7Vb2G%2BWsq3%2Fs2MorfuSj%2BTar3MuWTmayPJA5C2883rUAdw3iybxWDAUVordOAVAJX6ZXXlCj%2Fbg6ijLc48D%2FrvHnkjeBoQXY%2BJ38GlZFUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 833bf661af1d15c8-SJC content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D7E2	42 B 64 B	94ms 56ms	Fetch image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_9MUSHrksn0gLTHhpuyaCv07V3ybuhIv1aN4nfKLDXhFaUd8vTZ1WNTts6jEItInR51hhKQmpx2MvEYmGB4kB-WPDG1oRXlPFUrEc5Kl3HjCf_TbyVXQP0uFW_pYqLdl4Tsw56KpJvf13IN4qDdUyX1nXHGAC-yr8ICMTQKHs&sai=AMfl-YS3g7ddnolqu07K8Mhpff8xuSftQr7J4NzbVGOoQhTHj16Xx0E4EbQzYioKbI3Ze0BBEEGm5W91MUaG5zn1Es3_z2L-Vh87UmugqF76u42zmqRO3-Wzzt78D35ExULOtM-qrS2rStRaRwX56Hx7hbaTYDwUNzpNn7s&sig=Cg0ArKJSzNppTB--B8IcEAE&cid=CAQSTgDICaaNVHzLrJ_TzLt9sRAeveQG1VIzQvR2xZPpMvqtn-_kL08Hzb5zdcHa1Y9VV0ekzsIkYWk4HMe3Yk1oiDV7DfA-YxTg_BGa9LZK6BgB&id=lidar2&mcvt=1000&p=1137,435,1227,1163&mtos=778,977,1000,1000,1000&tos=778,199,23,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702279197716&rpt=236&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 07:19:59 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	65ms 65ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 52fba803a3ecc02448e9738b610e3d9454a84b34939ef653060dbb6aff904273 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:59 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12228 x-xss-protection 0
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 486 B	160ms 152ms	Image image/gif	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:59 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid 2d417cfa-cd6f-4535-92a4-9075884971cd server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uChPETKAx4LNEiVtC%2FZULcm7FYx5SZMmaz3OKxZSn7xbhKojCBHLH83D8kAC1aKai9LUETSyLWp%2BRC4abMxFdDviAKnu3jg6OYlooGCo%2BosyXy39G3OhvX%2Fcv%2BkXFmHCyyze4ygNTJuQrn2vszgkiU6sk9i9JXM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 833bf6645ef3bb77-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 11 Dec 2023 07:19:59 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38D1	13 KB 5 KB	19ms 18ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 46256 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 18:29:03 GMT expires Mon, 09 Dec 2024 18:29:03 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6916	829 B 1 KB	74ms 28ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7edf6cced0a42d94871bf4d1a2d9942f86fe446ac4e0aec642862da08aed6e22 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-M6gosuRi3jTw8EHwRFLGew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-M6gosuRi3jTw8EHwRFLGew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 07:19:59 GMT expires Mon, 11 Dec 2023 07:19:59 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 38D1	39 KB 15 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:00:51 GMT content-encoding br x-content-type-options nosniff age 44348 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 09 Dec 2024 19:00:51 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6916	0 0	55ms 55ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3130015337572809&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 38D1	0 10 B	18ms 18ms	Image text/plain	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?j3HZSg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 07:19:59 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	57ms 57ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=3130015337572809&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOJ_nxa7lEvsVad4jIxe1uL2IKM6cEoyu1vLv5ZN7Ea1Qd9o1mGvWFn6qCh_hj1llAgAAADtSAAAAAmgBB5kC-0Mq1lB1QCdSiG3f-d8J1tkkfzV4TyAWiVZQiKadLJkHXAsrz8iULPxsrCSLZDZI0M9LpXAqsBjWFjjvzmwlyauHNmouhHRgZW9t3yx0w9B_ZyTZfx_pwp-litZ4kF27gVOKUeMrtW0PcoBXM28kSUigRJ7C8i9lVmLEMdsDBjhdKqqx_CfpSxHgoUebYke8ICf2xPGc4yxBcGC7UWeKTenDglz96HzCHqxRyd7QzrXREtYcufHpH13Ps93fjYZ9mkAme7WUpU9cpfffJwhxj2aoOwlh-cXgW1Lu5Z4rBZdPRBLkSopctHacbmtseZmQd_gqVsHdZ8lZn2q0rpRPqT8HjH2uTiq77HNj92lbpi9cJu52QGb4ZyzRq1v5xWfN4o0yqK2cULyxKi_UNcQg4kze7nkQq_ZG_FtZPAK3RcFND3tALlxv4Aqfcb26aAX_R9I6-NYYn_Z5Kv75NGByrQNEM12lQjARD-10vbV3gVONfbbtetAc9W1UW6hIEHDZ4iUdbw4K4bEw47zvK9_EUf5Iokiz5k5FpocUgrpMNUGrFunZ2DLHZgDy3sdveyntiujNtrhKEiS0u3Vnr44Mhn4xe4A5P5v_XKEYURpjq9NEBniJ1_gbZrDPe-MrmQ2tZiBX4yySj98AkPEx_CmjgFKg7bNUjX1n3-HtEwrdrb9riCTsROie5wP5w-WoNB9ks_lK8mdUt0HxqjKVen2u53q7WD60lRfPgrlXSbIfE1zGl4P3KWpuddi8YXt1JybcZHpeLpxP9Zwj02q_chwDdbyrOPbPhSoaN3sTY8Aex4yGilOQ7YS-PDvF9LXqbaVG2emqqozlhtluoLNS4J5SCRmvarr9dWyjQjVT6NRmjdsBXtzJUI8ZT8t2U-XjQXLUJRWC-0ujpSrgwJA5f7uT_YV3my0yA8o6tJyuf738Z34Y7w3pe2F8_y_DPb184omlJuQ6RQei-fSyA0_D2VfDL0IoaXDgFTcZmrGfvIKJLe0rFr3Cu6Hy66rt3NM Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com

URL

https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain

6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com

URL

https://6888d1a91e14a24d6e5242b87950b4db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html