ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

• https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-a5mekn6d&ms=au%2Crdu&mv=m&mvi=1&pl=19&initcwndbps=351250&spc=UWF9f9SyT3UsHHYhd-92Drio7iSXRB9eKP7XYbJ0iw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=lGaXtPCHUWeqFbQzl4eXtzUP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1697256802&fvip=4&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=XM19EiFkMITNMky&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AGM4YrMwRQIhAOLIFVKrwL2Qgxddp2dv4kn2fGKnUfLOvFv_nB_Fw0FcAiA_cEXCImguVYa4W2qNkBJUGfpt7GHVS42281BiXVptgw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIgM5hn_8ehTIVLip7dObO5FTF5VlV5S7tMYKX6aluIvWQCIQDMSj0Ti5xdFsn-SzngW7H2Toaz9m2IVPM1b83w2LkHyA%3D%3D HTTP 302
• https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=yes&spc=UWF9f9SyT3UsHHYhd-92Drio7iSXRB9eKP7XYbJ0iw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=lGaXtPCHUWeqFbQzl4eXtzUP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=XM19EiFkMITNMky&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AGM4YrMwRQIhAOLIFVKrwL2Qgxddp2dv4kn2fGKnUfLOvFv_nB_Fw0FcAiA_cEXCImguVYa4W2qNkBJUGfpt7GHVS42281BiXVptgw%3D%3D&cms_redirect=yes&mh=d6&mip=176.115.236.15&mm=31&mn=sn-5hnekn7k&ms=au&mt=1697267166&mv=u&mvi=2&pl=22&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRAIgNnqrxVqWKKWv5qnD-cKrJEFDzJZd1-cw__4xvVFVgw0CIFmclNEP9sVZ2euxVSKGwKQTSKB6OU1M9QbYmRgWJoLq HTTP 302
• https://r5---sn-25ge7nzd.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=yes&spc=UWF9f9SyT3UsHHYhd-92Drio7iSXRB9eKP7XYbJ0iw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=lGaXtPCHUWeqFbQzl4eXtzUP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246,24350018&beids=24350018&c=WEB&txp=6219224&n=XM19EiFkMITNMky&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AGM4YrMwRQIhAOLIFVKrwL2Qgxddp2dv4kn2fGKnUfLOvFv_nB_Fw0FcAiA_cEXCImguVYa4W2qNkBJUGfpt7GHVS42281BiXVptgw%3D%3D&redirect_counter=1&rm=sn-5hneld7l&req_id=2eed2536f45a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=d6&mip=2a01:7e01:e001:1c8::202&mm=31&mn=sn-25ge7nzd&ms=au&mt=1697267166&mv=u&mvi=5&pl=33&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRAIgPTZJVsYfFk7cq3Z_IPY0TCOWRI5ngrSRsjbCzTLLkQsCIAyJAA2yFhBzbI1_Od1G3zN8gkf9bF7UIkDirzxemkP7

Request Chain 87

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f77cd66b-51bc-4203-a0bf-900fa54ade87&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=176e3cc9-b41c-47ed-a3ba-f4d24bd51855&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D3b8f8b82590e40df984201bd89b529a5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fs_gbxra_yvfg&aid=5202634579766947150 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3b8f8b82590e40df984201bd89b529a5&SNR=1&GV=2&med=10

Request Chain 102

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f77cd66b-51bc-4203-a0bf-900fa54ade87&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=176e3cc9-b41c-47ed-a3ba-f4d24bd51855&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D3b8f8b82590e40df984201bd89b529a5%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fs_gbxra_yvfg&aid=5202634579766947150 HTTP 303
• https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=3b8f8b82590e40df984201bd89b529a5&tids=15000&med=10

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request bJHfQhb Show response ibb.co/	21 KB 6 KB	490ms 288ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash 8013fee236151fbb873d3b71c8dc230d97a69024603e938e50a490fdb61b86f6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 14 Oct 2023 07:19:12 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	361ms 19ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 14 Oct 2023 07:19:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 14 Oct 2023 05:39:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 14 Oct 2023 07:19:12 GMT
GET H2	200	ibb.css simgbb.com/2801/	115 KB 26 KB	370ms 21ms	Stylesheet text/css	104.21.4.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.css Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3332 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMtm7BtLwtkF5Zm8u%2Fn5jLZXIdQJ8xhl%2BQTBBRxmNTv%2B0MIwRQ3BX8iMmcP9O%2FIo7K9809iApIMdoSaFikhDVOx2w026vEKGI2gTUuIrpfU4Z3ql7S%2FD2k7eaoAo"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 815e0d7f3f039b2b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	497ms 27ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-id fr5-hw-edge-gc28 date Sat, 14 Oct 2023 07:19:13 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id A7HFYF1EN1AGPEGC age 3003 x-cached-since 2023-05-02T09:08:50+00:00 x-nginx nginx-be alt-svc h3=":443"; ma=86400 x-amz-id-2 ZVK85nmcRShBZSPXN6Cu7AHIQlWKsfs7guumJNXuWJ0WIXsN+1w+cU5zpvtApSSCm4t+z/JX7FQ= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQYJv48hgq1c%2BsQqrMyMDTGvhPxELHH4VZDFN4MtzhjjUKO%2BSaafCzmdNUeK5k0u%2Br1GemgQ1vc2rZz9WTjXICNW4agBfEzHX8pEUwLsRX%2Fw7dPOhtxh67EBRz%2Bxm0uTPPD0SaxReXeyFNwD6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache STALE cf-ray 815e0d824ce018df-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	574 KB 148 KB	488ms 35ms	Script application/javascript	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd521f814c36abe01f22855a4adc0ca4acf488af05cd4440eea059dfe36165ac Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 818 cf-polished origSize=587811 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-10-03T03:28:26 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d823d725c7a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	43ms 26ms	Image image/png	104.21.4.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3332 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xng7ru7nJbAAixCwEC%2BapR4FaMIIENXOOa5ObZbqCUYdRskQ9Drh78ZBvn7i0cDwsBhqjc49qfGh8cemBu2GzFAIeplKw%2F%2FzOSpCg2l86MJZ6kpI%2B6atmAl1trfu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 815e0d7faf5c9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 938
GET H2	200	DSC-9783.jpg i.ibb.co/VmHKJyw/	85 KB 85 KB	228ms 80ms	Image image/jpeg	162.19.58.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/VmHKJyw/DSC-9783.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.161 , France, ASN16276 (OVH, FR), Reverse DNS ns3096669.ip-162-19-58.eu Software nginx / Resource Hash d4b09bdcc7f88b76cb0bb5e32d50bf7d224ad10c4b752b669b27523baa7b81c9 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT last-modified Sat, 14 Oct 2023 06:50:40 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 86970 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	112ms 20ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:18:18 GMT cache-control no-cache x-ud-id tQjir/h3v server unknown x-cache-status R-HIT content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/2801/	114 KB 41 KB	43ms 27ms	Script application/javascript	104.21.4.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3846 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6suhrH91ncnM9QNlkjZw2OSJPuqrgFVvTrhRu7ua3xOoveUuItt1AsgizdNry1aSogeqcYVCLTtWGdAm2Ot3YoivrUdNCSfvBCuVJ1USN8JeStER7D7huqlVOkH"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 815e0d7faf5f9b2b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/2801/	215 KB 62 KB	47ms 32ms	Script application/javascript	104.21.4.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Aug 2023 17:15:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5829 etag W/"64c93db0-35a95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcK3y0elEVacKtBRcHc4waj7ntLqTAVaX0kECetpVI%2FX3vhNq%2BZ5Qo6Osie4dw72nHEDCdAniBHBw%2FGBSIAoOqZEqXaGl7wSZW%2B%2FSFErSd%2F9vbdpDY1ipdmVfurQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 815e0d7faf609b2b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 6B02	28 KB 7 KB	219ms 132ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash a14170339eb81af73fc04466ae9558a4f49d2a57a15bf3ce1976a2897d19de14 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=300, public content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 14 Oct 2023 07:19:12 GMT server unknown vary Accept-Encoding x-cache-status R-MISS x-ud-id eU97a/3EE
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	382ms 17ms	Font font/woff2	104.21.4.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/2801/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/2801/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:12 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6374 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRrgJvXwd8HBsRn5fSpFJGRh7c045yMP14R8MNG7wPcviQaIFWMjTmiTkN5dBzt%2BXr704KQp%2Fi2rNk3QtxxnCx31gCZIt4YycldLwF4%2Bw70RSHtoZ3ZqdszVaQNI"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 815e0d81caff30cf-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	441ms 11ms	Font font/woff2	216.58.212.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f3.1e100.net Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:17:53 GMT x-content-type-options nosniff age 133279 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 18:17:53 GMT
GET H2	200	DSC-9783.jpg i.ibb.co/hfXqL5Y/	430 KB 431 KB	339ms 333ms	Image image/jpeg	162.19.58.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/hfXqL5Y/DSC-9783.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.161 , France, ASN16276 (OVH, FR), Reverse DNS ns3096669.ip-162-19-58.eu Software nginx / Resource Hash 659edfcac88ddd6d56cc7dd4d466d70c1f0ca99ef8a4e07a58a9b335daf1e456 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT last-modified Sat, 14 Oct 2023 06:50:40 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 439842 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	di.min-v439575.js Show response pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame 6B02	3 KB 2 KB	222ms 17ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v439575.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-cdn-node defra date Sat, 14 Oct 2023 07:19:13 GMT content-encoding gzip last-modified Thu, 12 Oct 2023 12:41:00 GMT server unknown etag W/"6527e95c-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	advertisement-v439575.js Show response pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame 6B02	21 B 277 B	209ms 9ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v439575.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-cdn-node defra date Sat, 14 Oct 2023 07:19:12 GMT last-modified Thu, 12 Oct 2023 12:41:00 GMT server unknown etag "6527e95c-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 21 expires Sat, 28 Oct 2023 07:19:12 GMT
GET H2	200	cifra-v439575.css pt-static3.awepsljan.com/npe/cifra/styles/ Frame 6B02	18 KB 4 KB	221ms 14ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static3.awepsljan.com/npe/cifra/styles/cifra-v439575.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash f1ea665526cf1500038f5f98c1ef516df91ed4e937f029b0ddf8eff76f63de4c Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-cdn-node defra date Sat, 14 Oct 2023 07:19:13 GMT content-encoding gzip last-modified Thu, 12 Oct 2023 12:41:01 GMT server unknown etag W/"6527e95d-4645" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=1209600 expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	cifrafk-v439575.js Show response pt-static3.awepsljan.com/npe/cifra/script/ Frame 6B02	323 KB 116 KB	236ms 29ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static3.awepsljan.com/npe/cifra/script/cifrafk-v439575.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-cdn-node defra date Sat, 14 Oct 2023 07:19:13 GMT content-encoding gzip last-modified Thu, 12 Oct 2023 12:41:01 GMT server unknown etag W/"6527e95d-50a28" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 6B02	228 KB 76 KB	379ms 35ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 424c601bfb3aee86bd67659ac3dbb8f308bacba592af896d637753f5ac7c0eb6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77645 x-xss-protection 0 last-modified Sat, 14 Oct 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 14 Oct 2023 07:19:13 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 414 B	430ms 42ms	Script application/javascript	104.19.131.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 815e0d84fec49006-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 357 B	229ms 163ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aabe037fcc8655d564837616bcd2b2149b79a72bf054198385d1531833c8638a Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:13 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d83cf9d4da8-FRA content-length 42 alt-svc h3=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2bf8369710d0a33419a7a97675e7ff3f_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/ Frame 6B02	33 KB 34 KB	58ms 22ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f12/2bf8369710d0a33419a7a97675e7ff3f_glamour_460x345.jpg?cno=d9f8 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 05f40c77e3382d16e704b8b8cb1782cd90f8da113d3bf6850651ab249960bc8e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 34135 x-cdn-node defra last-modified Fri, 15 Sep 2023 13:38:12 GMT server unknown etag "446e54613077bfa42d6f4058ffb4eebe" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	7e77bd32fb7a18b7ce9d17d032413f75_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame 6B02	33 KB 34 KB	73ms 37ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/7e77bd32fb7a18b7ce9d17d032413f75_glamour_460x345.jpg?cno=b844 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 1f8b5cd490145e4895577eafd50fd85c7aeb0d1f3e43c3bf85d768ce76c5064b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 34050 x-cdn-node defra last-modified Wed, 13 Sep 2023 05:03:58 GMT server unknown etag "2f2a14ce835c4d5b6ce99fd992f45318" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	f40398cd73ca62da935b4178e3ce6755_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/ Frame 6B02	25 KB 26 KB	56ms 22ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1f/f40398cd73ca62da935b4178e3ce6755_glamour_460x345.jpg?cno=c13e Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 9fbd19449f543dd8503cdb837205959a822df4ba039dc1b6223b4dedc2e8d49a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 26058 x-cdn-node defra last-modified Fri, 29 Sep 2023 14:53:06 GMT server unknown etag "326c61b6a69e5d35d5cd1b9fba4fa4f2" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Sat, 28 Oct 2023 07:19:13 GMT
GET H2	200	0f295eedb42378c3d1038cc1e4724f60_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/ Frame 6B02	32 KB 32 KB	66ms 31ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/0f295eedb42378c3d1038cc1e4724f60_glamour_460x345.jpg?cno=c830 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3fe04e19728d34ea52376527331b190b1a47381ba8ab36365e5868c8b6bf1483 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 32686 x-cdn-node defra last-modified Thu, 24 Aug 2023 09:27:28 GMT server unknown etag "cdd4e09ea8e22f9209eb4ca068ec8eaf" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Sat, 28 Oct 2023 07:19:13 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1697256187/	13 B 265 B	511ms 499ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1697256187/vl.json?page_url=https%3A%2F%2Fibb.co%2FbJHfQhb Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT cf-cache-status HIT last-modified Sat, 14 Oct 2023 06:53:15 GMT server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d84f94c4da8-FRA content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1697256187/	44 KB 5 KB	64ms 52ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1697256187/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de3de1b5f2dc14ad4c1775efce26d217fb718fb7c1f39a0e3a74ece576980482 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT content-encoding br cf-cache-status HIT last-modified Sat, 14 Oct 2023 04:03:45 GMT server cloudflare age 10957 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d84f94e4da8-FRA alt-svc h3=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 6B02	52 KB 21 KB	567ms 15ms	Script text/javascript	172.217.18.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.14 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 14 Oct 2023 05:49:42 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5372 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 14 Oct 2023 07:49:42 GMT
GET H2	200	prebid-7.48.0.js Show response assets.vlitag.com/prebid/default/	561 KB 172 KB	451ms 441ms	Script application/javascript	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 08 May 2023 07:36:47 GMT server cloudflare age 593388 cf-polished origSize=575587 etag W/"6458a68f-8c863" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 815e0d87eb6b5c7a-FRA alt-svc h3=":443"; ma=86400 expires Sat, 07 Oct 2023 10:59:23 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	90 KB 29 KB	616ms 93ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 18de635741cbabda98598ef5df50566dc5b8a35d1f4bec15a66fa370e0c4ce9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29168 x-xss-protection 0 server cafe etag 288 / 19644 / 31078769 / config-hash: 16770446656291207178 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 14 Oct 2023 07:19:14 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	361 KB 124 KB	555ms 32ms	Script text/javascript	172.217.18.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f10.1e100.net Software sffe / Resource Hash 8cbb913d075f48fea47711f393c162c69066118acb543879dc77cf69d6345682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126236 x-xss-protection 0 expires Sat, 14 Oct 2023 07:19:14 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	449ms 440ms	Script application/javascript	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:13 GMT content-encoding br cf-cache-status HIT last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare age 593387 etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 815e0d87eb695c7a-FRA alt-svc h3=":443"; ma=86400 expires Sat, 07 Oct 2023 10:59:23 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	255 KB 63 KB	553ms 31ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 06:23:33 GMT content-encoding gzip via 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront) last-modified Thu, 05 Oct 2023 19:43:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P3 age 3342 x-amz-server-side-encryption AES256 etag W/"e1caada96468a3b669d0d0cc6ec9a23c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id JvmKaGHXxICBMX7hm3uyUOee082DkWB3H3bXketmRM1NXXbN9hH6oA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	54ms 10ms	XHR application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront) date Sat, 14 Oct 2023 06:04:13 GMT x-amz-cf-pop FRA56-P3 age 4508 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 40cFyUaMedrXWQFvyUQ-8EiNvXnnNl8IeYvge8EdwvtcatcFfyP4ew==
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 6B02	231 KB 80 KB	65ms 63ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 60e1464b46cd0321988e7cca4e49154aab2184de4471739fab0c25bb050149eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82162 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 14 Oct 2023 07:19:14 GMT
GET H2	200	3EE.gif pt.protoawe.com/eU97a/ Frame 6B02	43 B 296 B	63ms 62ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/eU97a/3EE.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Sat, 14 Oct 2023 07:19:13 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/	420 KB 132 KB	30ms 29ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 16:50:59 GMT content-encoding br x-content-type-options nosniff age 52095 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134786 x-xss-protection 0 server cafe etag 13749274744457858240 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 12 Oct 2024 16:50:59 GMT
GET H2	200	9cf0c4f1-7630-476b-9141-f4472e005192 Show response config.aps.amazon-adsystem.com/configs/	537 B 801 B	61ms 11ms	Script application/javascript	99.86.4.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-39.fra6.r.cloudfront.net Software CloudFront / Resource Hash 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:14:02 GMT via 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 312 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id uS9F11sK9nRWm08upXc4_z5tr8JeWcPQIqn8_7gGoAt9UJKQZDYg7A==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 304 B	28ms 28ms	XHR text/plain	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 01:45:56 GMT via 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 19998 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id VWVNUN9P1my_JAVfanN3yK0X6lND194p-MY4kadSvX1CgJOe2oG8Tg==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	353ms 26ms	XHR application/json	104.16.88.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231014 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc199896e3265b455b71f95436abb463f1c18c78d2658a01256ed0932cfc000c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11901 x-jsd-version 1.0.1842 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-yyz4544-YYZ x-jsd-version-type version server cloudflare etag W/"63b-Y0+98qnTuk0TPS1Yvik3nzYvQfA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F8zKku7DNhQ%2F8BrJbKQOPMp8N%2FcieihK4LcHs7DVLAo0aduPTLpAWhaxiQlAjfKKUzTgsu4EwNQOVQMJsj38FufrNMzeC8kVQjyfGvQ2aDIqFvJjyG0F0Sqh%2FkKACnb6Iw%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 815e0d8cba7cbb8f-FRA
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	102ms 61ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FbJHfQhb&pid=UR9WWMxHeuUH0&cb=0&ws=1600x1200&v=23.919.1525&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid 4HK398ERP88HQ44GD226 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id YFcw9htMf7WV0yKnoFys8hedkaGTo5lYFrFt4ZgISEatxf8XhuHPUw==
GET H2	200	tf-v1.jpeg px.vliplatform.com/	0 256 B	476ms 133ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYUaPYwAY-UKUM-PPUZ-qyPt-TaYaPYrPaZByRzyzNhqut_cotvRws0NA Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2Mo0juPGXHOTnI9RT3Y5prtfx1HynN8x0IAOY891rZmQW21H%2B5kmwJSolcShmNF32M1qvapBNJrWfR7AnKpYlPAeIEIX8LsIhTTF3RmeXOZ5ieD7IHLWKGC%2Ft0Uhx%2Be45LF6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff530d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 512 B	476ms 133ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeyPAKTTe-qwtM-PKrt-MBtT-qUZaaYBAwYYKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81IATIa3CTfuQa3rwVz0Qrjl38JJwK%2BfjmRSHyzJ947JXUGuM1rIiHROnQ%2BuHytT5W6xeD65td1Jso0QI%2FCXz6F4ogqKnnEWSUvq5NXEeUoBDy2GRYp8cOZx09kXN90H0xlE0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff230d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 257 B	482ms 139ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPYKqaBAY-Brwr-PZTU-wTKY-ZAMtZeaMKrPTRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEDk3GZLjFdow9YJuhefiFqYfiTRk%2Fov7bp52Koc4eiNeSN84FDS0ULA9sOZppdJDiIbPdNI49G2b5ZUXJMy3KG2xqDjfZexYgSDvTYzTZU5LSHeerG7S%2Fzmc%2FPbGxAewQmRqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff430d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	138ms 114ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FbJHfQhb&pid=UR9WWMxHeuUH0&cb=1&ws=1600x1200&v=23.919.1525&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid J0APE1PQSRD9N4P4V659 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id nVfAZCBIWDS173SSTSNkmv0kdK1iJTQyJhyupJOuHBDv2QjGUo5hYQ==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 257 B	465ms 138ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrqUeaqqr-KAUM-PPtP-qUPr-BetqBAMaMTyyRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZenYPiky8g9k5ARI%2F9KfqBIS0OlAD6v1LRBhdZ5H5D8A66XWoqiUU2AY9BUrFKc9yNpsMNyv0NTNT18I8i7etoPTVYb69Y5uQk%2BreD0fAgZV5ZIYR4KMJ%2BqWDOL47Z1HP1X6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff730d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	DSC-9783.jpg i.ibb.co/hfXqL5Y/	430 KB 430 KB	24ms 24ms	Image image/jpeg	162.19.58.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/hfXqL5Y/DSC-9783.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.161 , France, ASN16276 (OVH, FR), Reverse DNS ns3096669.ip-162-19-58.eu Software nginx / Resource Hash 659edfcac88ddd6d56cc7dd4d466d70c1f0ca99ef8a4e07a58a9b335daf1e456 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT last-modified Sat, 14 Oct 2023 06:50:40 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 439842 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 454 B	79ms 62ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FbJHfQhb&pid=UR9WWMxHeuUH0&cb=2&ws=1600x1200&v=23.919.1525&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid B4J61F6BKE56EDP93Y5Q vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 4RRdBSO7oTffGd3ytKJ0s0khvweiid4gwOpD_5SKAcxuIgyssNy9qA==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 259 B	457ms 137ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNteKYteyM-ZYUq-PtUU-aaAy-eZyreUwPwMtaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG86fiij%2BNGSROIwohbQZkNEb3tsM773kHZKOvf6pyxZ60O4e7pVn93gy8xx7Rn%2BM%2FLkro4LPliA9DdQ%2Fk6jqHa3d0uJloo7fUGfN8lljdVLmgPo0Rg0cUt8xfbIE%2FS083fE%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff830d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 260 B	453ms 134ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUtZtePtw-yqwy-PaBa-qaaK-KUwqrAqYeeyPRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAxDVwpwkN7uQiK9OG3Ya7x01vm%2B1JIZyTIuk%2F7%2FOs2veT15ycYsE3DFNGhYcSVpFaiGUJ3hHFD9WL4vbl4cT%2BagxEa%2F9c3XM2bLtSyggF2%2BGxupDyzH0KodPEFkqrv1vS0bQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8d0ff930d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 454 B	77ms 76ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FbJHfQhb&pid=UR9WWMxHeuUH0&cb=3&ws=1600x1200&v=23.919.1525&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid 7JN0A5B9PH0P1YBVM0TW vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 4W9fmPPK16I-2sLdf3Cf6VH5pQxKK-7ViwrIW85-Cy6UO0wnDdtULQ==
GET H2	200	1679645040.png assets.vlitag.com/widget/2023/03/24/	98 KB 99 KB	28ms 26ms	Image image/webp	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2023/03/24/1679645040.png Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 470038 cf-polished origFmt=png, origSize=323185 content-disposition inline; filename="1679645040.webp" alt-svc h3=":443"; ma=86400 content-length 100856 cf-bgj imgq:85,h2pri last-modified Fri, 24 Mar 2023 08:04:00 GMT server cloudflare etag "641d5970-4ee71" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f425c7a-FRA expires Thu, 05 Oct 2023 08:07:10 GMT
GET H2	200	1648753545.jpg assets.vlitag.com/widget/2022/03/31/	97 KB 97 KB	32ms 30ms	Image image/webp	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 593365 cf-polished qual=85, origFmt=jpeg, origSize=133932 content-disposition inline; filename="1648753545.webp" alt-svc h3=":443"; ma=86400 content-length 99048 cf-bgj imgq:85,h2pri last-modified Thu, 31 Mar 2022 19:05:45 GMT server cloudflare etag "6245fb89-20b2c" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f435c7a-FRA expires Wed, 04 Oct 2023 08:20:21 GMT
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	170 KB 171 KB	31ms 30ms	Image image/jpeg	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 593365 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 174276 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f445c7a-FRA expires Sat, 07 Oct 2023 10:59:23 GMT
GET H2	200	1592801729.jpg assets.vlitag.com/widget/2020/06/22/	74 KB 74 KB	24ms 23ms	Image image/webp	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 593365 cf-polished qual=85, origFmt=jpeg, origSize=103053 content-disposition inline; filename="1592801729.webp" alt-svc h3=":443"; ma=86400 content-length 75514 cf-bgj imgq:85,h2pri last-modified Mon, 22 Jun 2020 04:55:29 GMT server cloudflare etag "5ef039c1-1928d" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f465c7a-FRA expires Thu, 05 Oct 2023 05:40:00 GMT
GET H2	200	1572962870.jpg assets.vlitag.com/widget/2019/11/05/	107 KB 107 KB	64ms 63ms	Image image/webp	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 479527 cf-polished qual=85, origFmt=jpeg, origSize=151033 content-disposition inline; filename="1572962870.webp" alt-svc h3=":443"; ma=86400 content-length 109336 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:50 GMT server cloudflare etag "5dc18236-24df9" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f475c7a-FRA expires Thu, 05 Oct 2023 12:36:18 GMT
GET H2	200	1596163502.jpg assets.vlitag.com/widget/2020/07/30/	104 KB 105 KB	67ms 66ms	Image image/webp	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status HIT age 593365 cf-polished qual=85, origFmt=jpeg, origSize=140376 content-disposition inline; filename="1596163502.webp" alt-svc h3=":443"; ma=86400 content-length 106784 cf-bgj imgq:85,h2pri last-modified Fri, 31 Jul 2020 02:45:02 GMT server cloudflare etag "5f2385ae-22458" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 815e0d8b6f485c7a-FRA expires Thu, 05 Oct 2023 11:30:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 258 B	147ms 146ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYqaZqaYa-UPYY-PZYK-aery-qtAYZePwYUUeRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rei0djFBQiugFHfQGto%2BNvMOCK1prDCAJ%2BvM8VlcZWvytqGR81LQ1yVPVkdNGutI7qy7WoDwEATRvJzcJ3Oz70l1IMNazF2weH1txY4t82I%2FU%2FWQGPtISDanQKl8QryuSJJOQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8de8b830d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H3	206	videoplayback r5---sn-25ge7nzd.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y https://redirector.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=... https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requi... https://r5---sn-25ge7nzd.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requi...	265 KB 0	90ms 18ms	Media video/mp4	2a00:1450:4007:c::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-25ge7nzd.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=yes&spc=UWF9f9SyT3UsHHYhd-92Drio7iSXRB9eKP7XYbJ0iw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=lGaXtPCHUWeqFbQzl4eXtzUP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246,24350018&beids=24350018&c=WEB&txp=6219224&n=XM19EiFkMITNMky&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AGM4YrMwRQIhAOLIFVKrwL2Qgxddp2dv4kn2fGKnUfLOvFv_nB_Fw0FcAiA_cEXCImguVYa4W2qNkBJUGfpt7GHVS42281BiXVptgw%3D%3D&redirect_counter=1&rm=sn-5hneld7l&req_id=2eed2536f45a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=d6&mip=2a01:7e01:e001:1c8::202&mm=31&mn=sn-25ge7nzd&ms=au&mt=1697267166&mv=u&mvi=5&pl=33&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRAIgPTZJVsYfFk7cq3Z_IPY0TCOWRI5ngrSRsjbCzTLLkQsCIAyJAA2yFhBzbI1_Od1G3zN8gkf9bF7UIkDirzxemkP7 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H3 Server 2a00:1450:4007:c::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers client-protocol quic date Sat, 14 Oct 2023 07:19:15 GMT x-content-type-options nosniff last-modified Sat, 03 Jun 2023 08:32:55 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-14185952/14185953 cache-control private, max-age=10661 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 14185953 expires Sat, 14 Oct 2023 07:19:15 GMT Redirect headers date Sat, 14 Oct 2023 07:19:15 GMT x-content-type-options nosniff last-modified Wed, 02 May 2007 10:26:10 GMT server gvs 1.0 vary Origin content-type text/html location https://r5---sn-25ge7nzd.googlevideo.com/videoplayback?expire=1697278916&ei=ZBcqZdjLCLCysfIPo9q64Ao&ip=184.164.141.146&id=o-AKRBT7BuPYrgbM85qY4XBvnozQBWF3niw2_7IX-AdstJ&itag=18&source=youtube&requiressl=yes&spc=UWF9f9SyT3UsHHYhd-92Drio7iSXRB9eKP7XYbJ0iw&vprv=1&svpuc=1&mime=video%2Fmp4&ns=lGaXtPCHUWeqFbQzl4eXtzUP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246,24350018&beids=24350018&c=WEB&txp=6219224&n=XM19EiFkMITNMky&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=AGM4YrMwRQIhAOLIFVKrwL2Qgxddp2dv4kn2fGKnUfLOvFv_nB_Fw0FcAiA_cEXCImguVYa4W2qNkBJUGfpt7GHVS42281BiXVptgw%3D%3D&redirect_counter=1&rm=sn-5hneld7l&req_id=2eed2536f45a36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=d6&mip=2a01:7e01:e001:1c8::202&mm=31&mn=sn-25ge7nzd&ms=au&mt=1697267166&mv=u&mvi=5&pl=33&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRAIgPTZJVsYfFk7cq3Z_IPY0TCOWRI5ngrSRsjbCzTLLkQsCIAyJAA2yFhBzbI1_Od1G3zN8gkf9bF7UIkDirzxemkP7 cache-control private, max-age=900 cross-origin-resource-policy cross-origin content-length 0 expires Sat, 14 Oct 2023 07:19:15 GMT
GET H2	200	adtag.js Show response dsp.vlitag.com/js/v1/ Frame CDCF	102 KB 26 KB	37ms 28ms	Script application/javascript	172.67.21.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dsp.vlitag.com/js/v1/adtag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 126 cf-polished origSize=104022 etag W/"2023-09-19T02:46:59" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=300, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8c0fbd5c7a-FRA alt-svc h3=":443"; ma=86400
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	346ms 23ms	Script application/javascript	104.16.88.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11601 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rATvceI5pDIKc1YTparw0fpjbSnkBhaaCZwBXKlYaNKABxMw9AEWhPgj67OJOpThJm69zCZotMvGoKMqjlaJE6vTeGju9%2FGjXlw5W3x6WJPLFBG2R1ofdOk%2Bs1LlflUrDo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 815e0d8e5ce030ed-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	139 KB 30 KB	363ms 21ms	Script text/javascript	104.22.53.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Tue, 10 Oct 2023 14:20:27 GMT server cloudflare x-amz-request-id X563Z11F0G8FH85X age 395 etag W/"88086289b3f2ebf319996b249365dbe2" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 815e0d8e7dc1373f-FRA x-amz-id-2 /dY6XJVQ4TA+o1z/K98Br8AnzYvutAfEP8OGcrpDhKsIeE71kDQFImUMGuh4OC6D6gCTfOiG/b0=
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	382ms 34ms	Script text/javascript	178.250.7.2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 11 Oct 2023 08:53:04 GMT server nginx etag W/"65266270-a892" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 15 Oct 2023 07:19:14 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	47 KB 16 KB	327ms 324ms	Fetch text/plain	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4217312119770705&correlator=3093522696004470&eid=31078637%2C31078744%2C31078769%2C44769661&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697267954602&lmt=1697260754&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fibb.co%2FbJHfQhb&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=278179445.1697267955&ga_sid=1697267955&ga_hid=1300104231&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYpee26LIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKbntuiyMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ypue26LIxSABSAghk&dlt=1697267952162&idt=2402&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9aa5aae0dc74ec1449d21a8ad916c4a06f93f2a3c1da87a2b2c8f04cf479af66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16494 x-xss-protection 0 google-lineitem-id 5877303303 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377346455 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 255 B	139ms 138ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwUqUyKwT-UeyP-PYTK-aqZy-ZyAeaPrBKaBaRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaAb8tasQB83nUZXig%2BaUnyuFd1rssYJm7pznebNmBJop0ac0731rwa3f9AyHXoXS8SgUrxLZMgz1ekIepPx%2F0ycH5Dy9SLl7PYRp%2FArHPeGlyectdvphC%2Fenei0xSc%2FtlizSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8de8b930d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	container.html Show response 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CC4	6 KB 3 KB	419ms 17ms	Document text/html	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 14 Oct 2023 07:19:15 GMT expires Sun, 13 Oct 2024 07:19:15 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/	38 KB 13 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl_page_level_ads.js?cb=31078769 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fc2b61cf28583354672e9ceb5b4c4d8e182e8e9e2003df6fa8723a1dc459fbd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 10:36:49 GMT content-encoding br x-content-type-options nosniff age 74545 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13428 x-xss-protection 0 server cafe etag 7072425772309545193 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 12 Oct 2024 10:36:49 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	59 KB 19 KB	328ms 328ms	Fetch text/plain	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4217312119770705&correlator=1667178373542759&eid=31078637%2C31078744%2C31078769%2C44769661&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697267954650&lmt=1697260754&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fibb.co%2FbJHfQhb&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=278179445.1697267955&ga_sid=1697267955&ga_hid=1300104231&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYpee26LIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKbntuiyMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ypue26LIxSABSAghk&dlt=1697267952162&idt=2402&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9fbb31ff61e876748f8972800f2b2b47324f9efecb8d871579aadd338b0dec52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19415 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 259 B	140ms 139ms	Image image/jpeg	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrYAraYYt-BYPq-Praq-aAwq-PTKMPyKtUBqYRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:14 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Bhs3RsA4btGzeU9MBsnF3IrHOjOcwxHDQclheagjCgCBMW0jY5UhfJTXQYWGg0ZBjejnYN%2F8Q9yLiyMAEbSKtTHhcZxZfuxc%2BN55ESmaYdK8SyLSpD8zWl8brQC5vEwZ9hD%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8de8ba30d2-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bidding Show response adsystem.pocpoc.io/adv/v1/ Frame CDCF	2 B 575 B	483ms 132ms	XHR application/json	104.26.15.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.15.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2 pragma no-cache server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnQX%2Fwqtd3wQ5zKvOagC0cwmxoBAEdP3R2wkVv0eE5Gv1iLtvTHi2b3r1Kx8h%2BVpqMQb6yBbUwQr8aiRt1NncZJu38R6Fc3sufKlmV%2BDUDlkSc2IQKHAhn3JHZCSqCALVpGA%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8edb58381c-FRA expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tfa.jpeg px.pocpoc.io/v1/ Frame CDCF	0 507 B	482ms 134ms	Image image/jpeg	104.26.14.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNewZZytry-ZPqa-PwtM-wKyA-KrMBYrtZttUARrdNowwGegRzorNcsoT-aPZBYRleNpl Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FgSVauPTsRMnSc%2FcGHfQ5M4IPXyEeVRgLSEO1Y8TfHUJtStHslU5Ld2yu7HyIsYgs0cVeDmWcGhCu3XXxVLWTXNFjvfaftbL5F5v%2BvQyfZfCCXgAw%2B1Ir2kAeMj8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, immutable, max-age=864000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d900f6c698f-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	container.html Show response 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6577	6 KB 3 KB	29ms 20ms	Document text/html	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 14 Oct 2023 07:19:15 GMT expires Sun, 13 Oct 2024 07:19:15 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 427B	6 KB 3 KB	10ms 9ms	Document text/html	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 14 Oct 2023 07:19:15 GMT expires Sun, 13 Oct 2024 07:19:15 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	cc.jpeg px.vliplatform.com/imp-v4/	0 542 B	135ms 135ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwataMqKY-Meqq-PArT-MwKr-YwTBPAatwrqURqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm%2BKW%2BkkcgYLyFop416r3XtIdFCwn%2F2UAj8THf1lVtkzeI%2FY8llWzgl0bsj2%2BzRvVtKK%2FWTH%2BC%2BLv5Oamv8fJshtYF85scE1shuVRhj9tIaTNbfYupZFWXRx07QgLwlzzyqKIH6WrUYV6Ni9TI%2FaMQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d8f9ef64d8d-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/ Frame 6577	4 KB 767 B	20ms 19ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 14 Oct 2023 07:19:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 14 Oct 2023 05:47:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 14 Oct 2023 07:19:15 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E2F0	24 KB 7 KB	366ms 18ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 06:34:09 GMT content-encoding br x-content-type-options nosniff age 89106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 12 Oct 2024 06:34:09 GMT
GET H2	200	creative.js Show response cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E2F0	26 KB 9 KB	18ms 17ms	Script application/javascript	104.16.88.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 39116 x-jsd-version 1.16.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230064-FRA, cache-jnb7024-JNB x-jsd-version-type version server cloudflare etag W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtVnLnC7ufjTdwXfPQQfp%2BTWegVqqZA5H3%2FbZv2QqwN2QmzmWU03ZabW%2Fgpe6L6jt9WoPSEfDmcKRkVRp6f1HiKB18EARFwvGAA2g%2BkErlWQAgsycZRm5ATRqWmR3TWsY3s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 815e0d8fce3c30ed-FRA
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E2F0	187 KB 59 KB	392ms 37ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60003 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697024009209687" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Oct 2023 07:19:15 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 6577	20 KB 8 KB	370ms 24ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software cafe / Resource Hash e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 22:53:09 GMT content-encoding br x-content-type-options nosniff age 30366 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8568 x-xss-protection 0 server cafe etag 3657364187347500438 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Oct 2023 22:53:09 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame E990	15 KB 6 KB	387ms 21ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 14 Oct 2023 07:19:15 GMT server Kestrel server-processing-duration-in-ticks 305993 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	204	increment Show response id5-sync.com/api/esp/	0 222 B	38ms 9ms	XHR text/plain	162.19.138.116 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533567.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ibb.co date Sat, 14 Oct 2023 07:19:14 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	creative.min.js Show response static.vliplatform.com/plugins/pbnative/ Frame CDCF	36 KB 9 KB	31ms 22ms	Script application/javascript	104.21.82.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.82.134 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 29 Aug 2023 09:09:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1287587 etag W/"64edb5d6-8eb1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR3%2FWaDiv6hDrxf7sl5QXR%2FKl5PCQ30M5k1pZLkt9PpPJuaaZ6PAHShN%2FR2zWQFPGo0hjjHz5YKRUhCVxuDlem488epPVAymtRC1PYd%2F382VE3cxXJ18z7Umg8B%2Fn3KxiqMV77dDIEo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 815e0d8ffae630d2-FRA alt-svc h3=":443"; ma=86400 expires Fri, 29 Sep 2023 10:09:28 GMT
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame 291E	89 KB 36 KB	474ms 22ms	Script application/javascript	13.107.246.63 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.107.246.63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e615f6f367dc60fdba6d1448d36ac3b9195d53b0547eecd900ec7ac5da35f87f Request headers Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ Origin https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Sat, 14 Oct 2023 07:19:15 GMT content-encoding br last-modified Tue, 10 Oct 2023 17:29:05 GMT vary Accept-Encoding x-azure-ref 20231014T071915Z-qck65em4xx6et52k0tneb8224g000000039g000000004g5k content-type application/javascript access-control-allow-origin * x-ms-request-id 49722335-401e-005f-44fb-fc8092000000 cache-control private, max-age=3600 x-cache TCP_HIT x-ms-version 2009-09-19
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/239/ Frame 291E	80 KB 27 KB	145ms 31ms	Script application/x-javascript	2.19.104.211 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/239/trk.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-104-211.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Sat, 14 Oct 2023 07:19:15 GMT Content-Encoding gzip Last-Modified Tue, 11 Jul 2023 11:56:12 GMT Server AkamaiNetStorage ETag "615fd4ad24a409f4de5416b603f042c1:1689076572.555276" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 27646 Expires Sun, 13 Oct 2024 07:19:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 291E	3 KB 1 KB	325ms 15ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 21:18:07 GMT content-encoding br x-content-type-options nosniff age 36068 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Oct 2023 21:18:07 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 291E	20 KB 9 KB	322ms 13ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software cafe / Resource Hash def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 22:35:17 GMT content-encoding br x-content-type-options nosniff age 31438 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8337 x-xss-protection 0 server cafe etag 13483435759450910196 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Oct 2023 22:35:17 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 291E	24 KB 6 KB	329ms 20ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 06:34:09 GMT content-encoding br x-content-type-options nosniff age 89106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 12 Oct 2024 06:34:09 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 291E	187 KB 59 KB	376ms 60ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60003 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697024009209687" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Oct 2023 07:19:15 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame 291E Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f77cd66b-51bc-4203-a0bf-900fa54ade87&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=176e3cc9-b41c-47ed... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3b8f8b82590e40df984201bd89b529a5&SNR=1&GV=2&med=10	0 240 B	40ms 40ms	Image text/plain	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3b8f8b82590e40df984201bd89b529a5&SNR=1&GV=2&med=10 Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:14 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 741A52774B3C4A9384D74BB98A907548 Ref B: FRAEDGE1514 Ref C: 2023-10-14T07:19:15Z vary Origin x-cache CONFIG_NOCACHE p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Sat, 14 Oct 2023 07:19:14 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 76E02A14B64D473F8AB513CD360A95C3 Ref B: FRAEDGE1514 Ref C: 2023-10-14T07:19:15Z vary Origin x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3b8f8b82590e40df984201bd89b529a5&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate content-length 154 expires 0
GET H2	200	platforms Show response odb.outbrain.com/utils/ Frame CDCF	4 KB 3 KB	230ms 189ms	XHR application/json	146.75.118.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://odb.outbrain.com/utils/platforms?contentUrl=https://ibb.co/bJHfQhb&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532 Requested by Host: static.vliplatform.com URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ab3645db69dbb0021b9fd35eddc7c3bb82a621dede6a84332d2b39101a27ef44 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-cache-hits 0, 0 date Sat, 14 Oct 2023 07:19:15 GMT content-encoding br via 1.1 varnish, 1.1 varnish traffic-path NYDC1, LGA, FRA, USA_EAST1 x-cache MISS, MISS x-traceid 545a6c103351081b80a1a89ae2be8693 content-length 2690 x-served-by cache-lga21936-LGA, cache-fra-eddf8230105-FRA x-timer S1697267955.282680,VS0,VE159 vary Accept-Encoding, User-Agent content-type application/json; charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true accept-ranges bytes expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	ob_logo_16x16.svg widgets.outbrain.com/images/widgetIcons/ Frame 118E	13 KB 14 KB	105ms 43ms	Image image/svg+xml	23.32.185.60 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-185-60.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers expires Mon, 13 Nov 2023 07:19:15 GMT date Sat, 14 Oct 2023 07:19:15 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 13687 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 118E	990 B 1 KB	102ms 41ms	Image image/svg+xml	23.32.185.60 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-185-60.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers expires Mon, 13 Nov 2023 07:19:15 GMT date Sat, 14 Oct 2023 07:19:15 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	eyJpdSI6IjkyZjc1NDA5NDcyZGYyYmIxMGY5MGI3NmYyY2NhYmQ2NGUzYjcwMTg0ODM1Yzk5OTFkMzYwMGVlNzQ4MWIyMTUiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp images.outbrainimg.com/transform/v3/ Frame 118E	34 KB 34 KB	126ms 13ms	Image image/webp	184.30.25.193 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyZjc1NDA5NDcyZGYyYmIxMGY5MGI3NmYyY2NhYmQ2NGUzYjcwMTg0ODM1Yzk5OTFkMzYwMGVlNzQ4MWIyMTUiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-193.deploy.static.akamaitechnologies.com Software / Resource Hash f2527602b6d5b6013435dff202ccb0748094e9a6d6e7bf6829b88bdce85333c4 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT last-modified Sun, 11 Jun 2023 13:14:17 GMT access-control-allow-methods GET,POST content-type image/webp access-control-allow-origin * cache-control max-age=938270 access-control-allow-credentials false x-traceid 81e210377205f2095f05a869d0646d55 timing-allow-origin *, * content-length 34372
GET H/1.1	200 OK	l mcdp-nydc1.outbrain.com/ Frame CDCF	2 B 278 B	389ms 91ms	Image text/plain	70.42.32.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://mcdp-nydc1.outbrain.com/l?token=3f42abbd52e8f3780d475c371beb7cb2_198067_1697267955396 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Sat, 14 Oct 2023 07:19:15 GMT content-encoding br X-TraceId 6f37c32b84f823852b2ffcba4205ec02 Content-Length 6 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	log-viewability log.outbrainimg.com/loggerServices/ Frame CDCF	4 B 325 B	496ms 113ms	Image application/json	50.31.142.159 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/log-viewability?requestId=3f42abbd52e8f3780d475c371beb7cb2&position=0 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 50.31.142.159 Hickory Hills, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS chi.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache Date Sat, 14 Oct 2023 07:19:15 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId ab3acab9ccbbcd894ccf0fca482f2a0f Content-Length 4 Expires 0
GET H2	200	json Show response gum.criteo.com/sid/ Frame E990	428 B 556 B	17ms 17ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e710cc6b1145a00b15fe5908bdd8a13c873d37fb4416c6743483cd9c7643dd86 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:15 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1281061 expires 0
GET H2	200	th www.bing.com/ Frame 291E	9 KB 10 KB	17ms 16ms	Image image/jpeg	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.7215929103037_1150MR8QV8F0B6B2TV&pid=21.2&c=17&roil=0&roit=0.2383&roir=1&roib=0.7617&w=200&h=105&qlt=90 Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash 9c88a69b43a2b84b989c5dd6b153c38acb57dcd6aa53ce3aa4018fe68b3535c3 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:15 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EDD0CBC511DA4632B837EFF1CFFA0E07 Ref B: FRAEDGE1514 Ref C: 2023-10-14T07:19:15Z access-control-allow-methods GET, POST, OPTIONS x-cache TCP_HIT access-control-allow-origin * report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 9677
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 291E	0 533 B	83ms 22ms	Script text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FbJHfQhb&e=wqT_3QLtA-jtAQAAAwDWAAUBCPKBqakGEM7asLnekt6ZSBgAKjYJlMghTpxnrT8RPkqMQciFrD8ZAAAAoEfhyj8hPg0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjX8gWAAQGKAQNVU0SSAQEG8J-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vaWJiLmNvL2JKSGZRaGKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6AcFYiAUBmAUAoAWZ-tjXr7i1jUDABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBc6bAfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAQGLYOAGAfIGAggAgAcBiAcAoAcByAfX8gXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=44030b22a7972fd9bd030c984d3e2ac8a756c8dc&bdref=https%3A%2F%2Fibb.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fibb.co%2F,https%3A%2F%2F8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:15 GMT an-x-request-uuid 8eb9bd0e-ccc5-46e3-8666-5f0a02428442 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.115.236.15; 176.115.236.15; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame 291E	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e792cb88e4d9e2223cbdb125c400999533bc3fd99b7a4ed7188000a28f3ab108 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 291E	0 0	57ms 56ms	Image text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C00yv8kAqZfWTKrKR1PIPzJKfkAfS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJ4AIAqAMByAMCqgTeAU_QnaH30-TENolpuK0ZQbf5ScBTw6tl9nJJeotL1ruOK1xdZo6EMNiaoOLdlb8U4frjFlg5BmyxleO8zARJe_SNvuU3IEwIKJy39gK5rRM1-BCTR8fCd8AgkWEahbkk9mcQfjPGeWuzFCRk_uetzeI80nk4UkUrTKb95-7BHXasvsYRHG_qFRfJOmtTQgbpn5EUKrHmAtaxpZI-G90Zesx0ZiCd3kTuw5N4qWRAqmx0Q5zFjfzBOGP8PQYKvay0-U0BXRowrrXfRyZIRPeY9hyacQyf1hkHcbbhM1xAlOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04Mjc4NDE2OTM5Mzc3ODk2GNKubQ&sigh=Yy7JAxesXM0&uach_m=[UACH]&cid=CAQSTADICaaNf_goz3JixGUJHkfn7KLt56A9-Dw0P-U6HMirDqSd3cyUQMIWTW8rEjOgmt3DEJWuc84txikWkgM9YWXSJ1HhH07fylcBYmkYAQ&cbvp=2&vis=1 Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame 291E	0 532 B	17ms 16ms	Image text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FbJHfQhb&e=wqT_3QKfB-ifAwAAAwDWAAUBCPKBqakGEM7asLnekt6ZSBgAKjYJlMghTpxnrT8RPkqMQciFrD8ZAAAAoEfhyj8hPg0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjX8gWAAQGKAQNVU0SSAQEG9NkCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vaWJiLmNvL2JKSGZRaGKAAwCIAwGQAwCYAwmgAwGqA68DCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTc2ZTNjYzktYjQxYy00N2VkLWEzYmEtZjRkMjRiZDUxODU1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD0xNzZlM2NjOS1iNDFjLTQ3ZWQtYTNiYS1mNGQyNGJkNTE4NTUmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9enpmJTNBa25hcWVfM2NfZnNfZ2J4cmFfeXZmZyZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUyMDI2MzQ1Nzk3NjY5NDcxNTAiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTBPREkyT1RnMk1URWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFmfrY16-4tY1AwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1_IF0gcNCREtHBAAGADaBwYIBQmo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=7dd6195adfd9ff1f1d7f5e8252252976a82746d6&pp=ZSpA8gAKifUIVQiyAAfJTJDoTpyFC4Q2DDm_PQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXC928kAqZfWTKrKR1PIPzJKfkAfS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04Mjc4NDE2OTM5Mzc3ODk2yAEJ4AIAqAMByAMCqgThAU_QnaH30-TENolpuK0ZQbf5ScBTw6tl9nJJeotL1ruOK1xdZo6EMNiaoOLdlb8U4frjFlg5BmyxleO8zARJe_SNvuU3IEwIKJy39gK5rRM1-BCTR8fCd8AgkWEahbkk9mcQfjPGeWuzFCRk_uetzeI80nk4UkUrTKb95-7BHXasvsYRHG_qFRfJOmtTQgbpn5EUKrHmAtaxpZI-G90Zesx0ZiCd3kTuw5N4qWRAqmx0Q5zFjfzBOGO-PyeYfwhOlNn7Ka-u9zFpQwVCwP627sU491UbapktXa4hsr4tAA7GLOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2V-O4ktORA5b9eGwbL5E74VswFtw%26client%3Dca-pub-8278416939377896%26adurl%3D&cbvp=2 Requested by Host: 8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com URL: https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:15 GMT an-x-request-uuid c549b41a-6b78-426b-8b92-43e7ca2710b5 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.115.236.15; 176.115.236.15; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 291E	0 581 B	18ms 17ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FbJHfQhb&e=wqT_3QKfB-ifAwAAAwDWAAUBCPKBqakGEM7asLnekt6ZSBgAKjYJlMghTpxnrT8RPkqMQciFrD8ZAAAAoEfhyj8hPg0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjX8gWAAQGKAQNVU0SSAQEG9NkCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vaWJiLmNvL2JKSGZRaGKAAwCIAwGQAwCYAwmgAwGqA68DCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTc2ZTNjYzktYjQxYy00N2VkLWEzYmEtZjRkMjRiZDUxODU1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD0xNzZlM2NjOS1iNDFjLTQ3ZWQtYTNiYS1mNGQyNGJkNTE4NTUmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9enpmJTNBa25hcWVfM2NfZnNfZ2J4cmFfeXZmZyZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUyMDI2MzQ1Nzk3NjY5NDcxNTAiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTBPREkyT1RnMk1URWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFmfrY16-4tY1AwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1_IF0gcNCREtHBAAGADaBwYIBQmo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=7dd6195adfd9ff1f1d7f5e8252252976a82746d6&type=nv&nvt=5&jm=1003&px=121&py=0&bw=182&bh=90&sid=9030064601604508457&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=970&ph=90&ww=970&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:15 GMT an-x-request-uuid ba1b7b15-21d1-4c27-ba07-b4437c918abb server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.115.236.15; 176.115.236.15; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	cc.jpeg px.vliplatform.com/iv-v4/	0 499 B	132ms 131ms	Image image/jpeg	2606:4700:3037::ac43:9e3b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-wataMqKY-Meqq-PArT-MwKr-YwTBPAatwrqURqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:16 GMT cf-cache-status MISS last-modified Sat, 14 Oct 2023 07:19:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vFgno7N7EeJZoWgM4lu%2BnDXtB%2BZl0oLQ5Ued6se4NmEfCFBKJaCZAxAxA1YxXcZA2xjIgbI48q3CJql%2BDa19B4atA%2FIF3YQKXm1hF44Y%2BoGIk1GIMZCxkgshvhPLwoRTq4Jd0eDTcyQoAgW2H19Ng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 815e0d973eac4d8d-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	c.gif www.bing.com/aes/ Frame 291E Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f77cd66b-51bc-4203-a0bf-900fa54ade87&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=176e3cc9-b41c-47ed... https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=3b8f8b82590e40df984201bd89b529a5&tids=15000&med=10	0 182 B	36ms 36ms	Image text/plain	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=3b8f8b82590e40df984201bd89b529a5&tids=15000&med=10 Requested by Host: ibb.co URL: https://ibb.co/bJHfQhb Protocol H2 Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 701335B2F8744B80A8D2DC100DD04A0B Ref B: FRAEDGE1514 Ref C: 2023-10-14T07:19:16Z vary Origin x-cache CONFIG_NOCACHE p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Sat, 14 Oct 2023 07:19:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 375EE4417D484759912D9BEE984B3C06 Ref B: FRAEDGE1514 Ref C: 2023-10-14T07:19:16Z vary Origin x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=3b8f8b82590e40df984201bd89b529a5&tids=15000&med=10 cache-control no-cache, no-store, must-revalidate content-length 146 expires 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 291E	42 B 404 B	489ms 56ms	Fetch image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP1TP3fxtpU51CteDicsdO2umW9GcZl9T9fbmZDfxToIuXt16iH-L-vlSd9c4hCvOE9bb2XUstlYoBqEGk1KE8maUhEL2BnD4gxZOR&sig=Cg0ArKJSzPcupAivanIOEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697267955191&rpt=669&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 291E	0 581 B	24ms 23ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FbJHfQhb&e=wqT_3QKfB-ifAwAAAwDWAAUBCPKBqakGEM7asLnekt6ZSBgAKjYJlMghTpxnrT8RPkqMQciFrD8ZAAAAoEfhyj8hPg0SACkRJAAxARvAmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjX8gWAAQGKAQNVU0SSAQEG9NkCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFmh0dHBzOi8vaWJiLmNvL2JKSGZRaGKAAwCIAwGQAwCYAwmgAwGqA68DCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTc2ZTNjYzktYjQxYy00N2VkLWEzYmEtZjRkMjRiZDUxODU1JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD0xNzZlM2NjOS1iNDFjLTQ3ZWQtYTNiYS1mNGQyNGJkNTE4NTUmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9enpmJTNBa25hcWVfM2NfZnNfZ2J4cmFfeXZmZyZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUyMDI2MzQ1Nzk3NjY5NDcxNTAiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU1qUTBPREkyT1RnMk1URWpNak15TkRBeU16azROREV3T1RVMk9BPT3AA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFmfrY16-4tY1AwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzpsB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH1_IF0gcNCREtHBAAGADaBwYIBQmo4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=7dd6195adfd9ff1f1d7f5e8252252976a82746d6&type=pv&jm=1003&px=121&py=0&bw=182&bh=90&sf=1&sid=9030064601604508457&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Sat, 14 Oct 2023 07:19:16 GMT an-x-request-uuid 7e0e2583-0b78-4628-a737-182255886e29 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://8a34e81ee451283a4ebbde9dd2260ba3.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.115.236.15; 176.115.236.15; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	74ms 73ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 51687da7412d1f3a52f3c6b12257a97b5073364d8e1f837607f5ca4a48e1ec36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12436 x-xss-protection 0
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 470 B	144ms 134ms	Image image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid d6e5f84d-b0c8-4214-b15a-a8b2c5fdfad5 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xALnXZm2KcWvZeiEAau%2FB%2BkSjUCot2z1P88yzdIHIg2bh2HfdnGK0uAy8BgRoz1HeVn6y6viXWq62ARqeE4zWeci9bUcVcqPU%2F%2FGGa6OZEoSYQiVjuFR9TnPUSXxgtV17%2FvPWJnuQ8nUP7o%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 815e0d9fdc7218df-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	32ms 31ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js?cb=31078769 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 14 Oct 2023 07:19:17 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB20	13 KB 5 KB	9ms 9ms	Document text/html	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 36063 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 13 Oct 2023 21:18:14 GMT expires Sat, 12 Oct 2024 21:18:14 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 9031	829 B 1 KB	374ms 25ms	Document text/html	142.250.185.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f4.1e100.net Software GSE / Resource Hash 04174ffc4192486f54fe56aac267b091a2112e0afbea6c9847a0a2f2b139edcd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FBv9bBSL0bMciph50NXCXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-FBv9bBSL0bMciph50NXCXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 14 Oct 2023 07:19:18 GMT expires Sat, 14 Oct 2023 07:19:18 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response pagead2.googlesyndication.com/bg/ Frame DB20	37 KB 14 KB	38ms 8ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 17:02:41 GMT content-encoding br x-content-type-options nosniff age 51396 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14648 x-xss-protection 0 last-modified Tue, 10 Oct 2023 07:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 12 Oct 2024 17:02:41 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame DB20	0 10 B	9ms 9ms	Image text/plain	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?J24OQg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 07:19:17 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9031	0 0	51ms 48ms	Image text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=4217312119770705&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	56ms 55ms	Image text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310110101&jk=4217312119770705&bg=!BAelB0jNAAbFpEfJ5aQ7ADQBe5WfOMD5umKGYSUG574Xbyv5NeNHlqjWdsepmbx2dGwB-DVne_XPQqe1D89J9IBTV7lEAgAAAE9SAAAAJmgBB5kDDj4ydJrVHZkeT_W0IZV802yxgSOGhKuEuAvpmYxXRMp0doTkAflQIQjyrtAGHSPFzniPf_CMpTMv--vLSQqLg-H8s22GHmwy7gDvIHHN-5-YS_arkhJ-NsEGrhhFyt3uFvXmMobNMPd1ZJ7h_63UBxlWSRi8WGfgP4X8UiGJYtRxkUDVKDBJQuGtzKiGvWJyyL3BK-A_AZWj3fCax2IU9XnOPY0fDOjqTd02IHDgICSX-lRDBuLvlY_I6siYuy8vndwopGlZ6Gq0el0lBJY13yO8kdIjA4FES5tQzBfrFDf9w5TIDZwDSrIQhhvKp1Xv6Co9qvfan5tplBOgJHye5kJOrZN8LxjAo4ywHPaWvjvUN9_Z9VTMOPGi0ElNSWba7ZhYvOqmcXw98UD2t_9kD-LRUsgqbD22e1jskBu0XHJQAlS5hfEEOjeh8fZIgzFdBqRH1fB37JSpPVEPMlsIeHmaXtqpDKE4GerWV6NPraTcFL_KkNnhlLXjxdfgykjzTN6NIrAO3k3T7ZcoOrnMmOevQQha23Bv0BzIC1qpAte5s4bYVjGi0WzMqUp8MxzJiusf2cZaPX03S7aQgK5wy0O-WyuFRN6PfOTBlJD76ltuCUcr7d3zK49DNnffFS0M9_Z_LCm7YmQx-03alG3CQuhKfAd629DSUa0v7muoSL0Y8YCZ9O4qMIIJ78hnFE8pPwTAXez8JLo6Mn8FFVDAFJ1Q-UVM6t8pdTSqu8zCgFxL3jkLQQAF7ntkaM-ZFqsYBDnXgvacnj0k-5XANzpB3jC1PupW6lhGL77bMOXOIjrLDz4JiqWqNgLW82ujHGjo8e3sDO-4ZDkgPHlqvwgxj8SlLaxszBJii97QsoVK31RnFmYq0SG6zGwJk_Zzlq0lyVzq80wjEJqh3BCF2LREG3OcApSbGdqlwQx4hqTPNdSk9Fkiuls0ZfNjxYCOL_quHfv3pAvKJw82gdwTHgNCVt6Q8v5HTvygPwig2ej51YagI-muqV5y2weGcEJFr2K84ife6DNLYsED1EnLjNyA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers