ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ibb.co/jwyq4JD
Submission: On November 11 via api (November 11th 2023, 2:26:38 pm UTC) from CZ — Scanned from DE

Summary HTTP 134 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 45 IPs in 3 countries across 26 domains to perform 134 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 11246.
TLS certificate: Issued by R3 on October 9th 2023. Valid for: 3 months.

This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:10:... 2606:4700:10::ac43:15e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.58.161 162.19.58.161	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
5	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3037::ac43:9e3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:23::a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:fa7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
3	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:d600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	23.213.164.226 23.213.164.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
134	45

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:15e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fa7 (United States)

ASN13335 (CLOUDFLARENET, US)

adsystem.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b40 (United States)

ASN13335 (CLOUDFLARENET, US)

px.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	111 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	88 KB
14	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 35568 assets.vlitag.com — Cisco Umbrella Rank: 44068 media.vlitag.com — Cisco Umbrella Rank: 64551 dsp.vlitag.com — Cisco Umbrella Rank: 55095	1 MB
13	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 30945 static.vliplatform.com — Cisco Umbrella Rank: 90592	13 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598	71 KB
7	adnxs.com ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903 acdn.adnxs.com — Cisco Umbrella Rank: 609 cdn.adnxs.com — Cisco Umbrella Rank: 1682	47 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	226 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552	63 KB
5	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2781 crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4239	179 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 226834	139 KB
4	outbrain.com odb.outbrain.com — Cisco Umbrella Rank: 3605 widgets.outbrain.com — Cisco Umbrella Rank: 1799 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6774	18 KB
4	ibb.co ibb.co — Cisco Umbrella Rank: 11246 i.ibb.co — Cisco Umbrella Rank: 11551	308 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	127 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2527 log.outbrainimg.com — Cisco Umbrella Rank: 2670	12 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	127 KB
2	pocpoc.io adsystem.pocpoc.io — Cisco Umbrella Rank: 50252 px.pocpoc.io — Cisco Umbrella Rank: 50585	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	32 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1101 r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 623439	947 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
2	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 126900 c.usefulcontentsites.com — Cisco Umbrella Rank: 57978	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1758	581 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1536	412 B
1	gstatic.com fonts.gstatic.com	48 KB
134	26

	Domain	Requested by
12	px.vliplatform.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ibb.co edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
9	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
8	assets.vlitag.com	services.vlitag.com
7	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	aax.amazon-adsystem.com	c.amazon-adsystem.com
5	simgbb.com	ibb.co simgbb.com
4	crcdn01.adnxs-simple.com	acdn.adnxs-simple.com crcdn01.adnxs-simple.com edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
4	services.vlitag.com	ibb.co services.vlitag.com
3	acdn.adnxs.com	ams3-ib.adnxs.com crcdn01.adnxs-simple.com
3	ams3-ib.adnxs.com	ibb.co ams3-ib.adnxs.com cdn.adnxs.com
3	edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	i.ibb.co	ibb.co services.vlitag.com
2	widgets.outbrain.com	ibb.co
2	csm.eu.criteo.net	ads.eu.criteo.com
2	i.clean.gg	acdn.adnxs-simple.com
2	www.googletagservices.com	ibb.co edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.jsdelivr.net	assets.vlitag.com securepubads.g.doubleclick.net
2	fonts.googleapis.com	ibb.co edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
1	log.outbrainimg.com
1	mcdp-nydc1.outbrain.com
1	images.outbrainimg.com	ibb.co
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	odb.outbrain.com	static.vliplatform.com
1	rtb.fr3.eu.criteo.com	edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
1	cdn.adnxs.com	ams3-ib.adnxs.com
1	acdn.adnxs-simple.com	ams3-ib.adnxs.com
1	static.vliplatform.com	dsp.vlitag.com
1	ads.eu.criteo.com	edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
1	px.pocpoc.io	ibb.co
1	adsystem.pocpoc.io	dsp.vlitag.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	dsp.vlitag.com	services.vlitag.com
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	r5---sn-4g5edndk.googlevideo.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	imasdk.googleapis.com	services.vlitag.com
1	c.usefulcontentsites.com
1	cm.mgid.com	cdn.usefulcontentsites.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.usefulcontentsites.com	ibb.co
1	ibb.co
134	52

This site contains links to these domains. Also see Links.

Domain
undefined
imgbb.com
api.imgbb.com
i.ibb.co

Subject Issuer	Validity	Valid
ibb.co R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-10-10` - `2024-01-08`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
pocpoc.io GTS CA 1P5	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.outbrain.com R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ibb.co/jwyq4JD
Frame ID: 02F0F69C5B1606DFB36CA06ED7C3B594
Requests: 63 HTTP requests in this frame

Frame: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC65D50BCC2CFDE50942BC6D0F58A55F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
Frame ID: BFDE059D9B371AEF37309E492B66883A
Requests: 2 HTTP requests in this frame

Frame: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49F1E11CE7AD363073DB409938C02F48
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: 9732C8AF5206F0776B9A24C6A23522EA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52894133488A54F6413BFFEB185E8034
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98FA5B5287E509343C90C0E604363C83
Requests: 2 HTTP requests in this frame

Frame: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B48544EFF33041C60CAA1F976CD9F568
Requests: 3 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Frame ID: C1B33CB87E25B9C6019F8D0C9F116434
Requests: 12 HTTP requests in this frame

Frame: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA93022FA3564E9D80D5699C718ABA43
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU-PGwAHpwUIVQTVAA0IQqYOut0jaySQvEK5mg&u=%7Cz1YgnrrKRt8kxax0twr6khi%2FiNH1fNfmUr4BXroigUc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DfpD3kgH7kPZ359Ko-EEu0bIFx89_fBUUM-4NZGzOofl5SC9QMWD1qbwfEXq1Z1UT1fQ6S4fK8uvI9R_f93xWr0TtqshCv16-Sd4Bahw30YhrLXZf2w-uwzQVBH_JtaupddI3FftJhxi5uFpGaqFwA5bwjiG4ORyQIV-Sdao51GUB8tjLYLsHKt3twlCexaqn4PgCQmH1RxSK-fDLZhihIP63t0bVyl4eEWGlrAgajw8U1fPr0V_Fc4f6BAxR1iwn8t3DzOomxoWx9Nlz5O0sZ8R5Z9RGP3LKs39zJOSF_O25QSF2KEthLEZ12w9Pnz_lGhSWt0lF7n8d0hJupH4mwY_aJ8gGGTDEOmn3fWQwba1EuQE0pkiDfWRlanH6uUSvM7Hv85HmjQBXswXqyDmhwQKzFcXunLB2AXSHurW2txBVMg0i3BaW9irQL_0XNDOWANE9AH8gjbQJ3AqNQjcG6nPGZZaDEEY1Bzeecv2lPkwrsL1wRZMTrlktzvYka5oDX94Gb-7Vb7KhHjrpF1EC04aegcKZDEo2H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8JKG49PZYXOHtWJ1PIPwpC0-A3JntKxXNWdkfdwwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSWAk_Qbwmm90RPSaFuSieYf9OTV3svu5tTk1bu-nBB7_bhCJyHpwJ-_D2qGbIz1YpMWO3Ru_Yb2oGQDY5Y-xlzVsMZtYQTrEz9y3Expoh2XPhPqp4yZy3Cg_kBbIs88r6c-4ENJ09P9F9wzyv4PnY_xWcAffThXcmImjxOx8wmGJIdgB9yIyduXPyBGeBNkYXPBX5OIqTESoqzfRh7xcjY95RsUFG8upX6oLWbDINMYj03QzMi6WZbmZtQR4NiHIC4crnv1Oh3S4DV8o0tf8I63HjPGxV4OCDvm7WzBV8HUYKWl2ODuXPCgxP6xJG5zi5UFYWNJtrgedpdKCZQRdoqkJnM_q0njyikjkExpijtZ2qASA-4xeOn4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mh4LYKj1WyotvaEF7mfbc_S8baw%26client%3Dca-pub-3960095709930134%26adurl%3D
Frame ID: CFD119281D9081B7B6B4E7AA516689E1
Requests: 23 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
Frame ID: 5862674E4CB32929EDB158557250ABA8
Requests: 5 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: B2C0095651FCF343023B04871AE74FC9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg hosted at ImgBB — ImgBB

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

134
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

52
Subdomains

45
IPs

3
Countries

2657 kB
Transfer

5925 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=ibb.co
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://imgbb.com/

Search URL Search Domain Scan URL

URL: https://imgbb.com/plugin
Title: Plugin

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://imgbb.com/tos
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://imgbb.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://imgbb.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://imgbb.com/upload
Title: Hochladen

Search URL Search Domain Scan URL

URL: https://imgbb.com/login
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://i.ibb.co/my9dzN4/x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9fyYmP3hPMN_srEwZtBt4XQrzvrsmflEJFKg8Zg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=6sCCPKHZkgxSh2_QpyMQd4kP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1699705043&fvip=3&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=IXhwK8NQu1Z1Pi1a&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRgIhAJ7Saykn1pU3l_y7zm7PoQJZ0spDW6g1VpPRrpXbf6-UAiEAnxHgIY-XsrEHdYFgAGHR-cor2WWdMmIblzNJkYnUsyI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRgIhAPpBd-G60Qw7lJOsCqhU_V04hHu_XeywS2genoexmvTeAiEAvvQBIrPyhWr8QFu9syj8sDNOXojiXYKu21UyZvKHCfQ%3D HTTP 302
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requiressl=yes&spc=UWF9fyYmP3hPMN_srEwZtBt4XQrzvrsmflEJFKg8Zg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=6sCCPKHZkgxSh2_QpyMQd4kP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=IXhwK8NQu1Z1Pi1a&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRgIhAJ7Saykn1pU3l_y7zm7PoQJZ0spDW6g1VpPRrpXbf6-UAiEAnxHgIY-XsrEHdYFgAGHR-cor2WWdMmIblzNJkYnUsyI%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::4&mm=31&mn=sn-4g5edndk&ms=au&mt=1699712470&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgWn1la6ysONkl33Gay7NJ_ioklRR4F58cuNH8QEVrkmsCIHHAjn9uPTUv8iC2mS9OUOtbl7OiZd43oN6Y8o1wGMOu

Request Chain 63

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7XL7pXxlOG5HelNwTkZVS2RaTitoUlIrYUVWWlgwUmVXREdtM3F6TTFvMDdjOTNydXlObU04TTNwZFBabUF0MTVVNUhhUnhveXVhMGxvc3pJWmdQdjk5MjJwTzBBR1I3cDlnd0tWMXBMSEJhZG5xSUpLaXdFRWpua2NBYnBoQ2l0WnNSQ3hacmhRbm5jbVdLRHRRYWRJdlV2blF5N0NQaTJCZ0VWL2g4QXdJLzdpMms0clpHM2xzZHBWRzN3MjlSTllJM2Z6SGM3QldiOGRYRlhOQWxuMjgzUkpuSHkxSDdXNkZsMm0zejZ1TkM1Z0w2M2pwQzRBUy9uQ1ptcWl5WlpXeUx4SFVrSkMrbFB5eVdEOFpiSW54Y3pxZz09fA&cppv=2

134 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jwyq4JD Show response
ibb.co/ 20 KB
6 KB 626ms
292ms Document
text/html 213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/jwyq4JD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

d66aaa550dea67f3fdfe5f413e7b387a26c919b2000108c7b29b720313e7080f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 11 Nov 2023 14:26:33 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 83ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Nov 2023 14:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Nov 2023 13:09:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Nov 2023 14:26:33 GMT

GET
H2 200 ibb.css
simgbb.com/2801/ 115 KB
26 KB 87ms
31ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4022
etag: W/"63db96ac-1cd5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDNIxhrYbBbqZ4jPsegdHMXNhdH%2Bg4iuTgBSJEnnmf8CD2QS8a%2BQZSsCXRhAsDm7CaIbCQ5h3lB6hpH5ODCWhUCBCSd2wCPQktSoP2F6WcunLa0rZiISI0r97xFXvJXqKZ8KpDfXn%2FmU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 824736026f311ca1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js Show response
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 82ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-id: am3-hw-edge-gc72
date: Sat, 11 Nov 2023 14:26:34 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RBWNA70VNDW5PT1H
age: 3229
x-cached-since: 2023-10-16T14:46:53+00:00
x-id-fe: am3-hw-edge-gc72
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +SSo4J0OgQm+u4st7TfsUgwR2ZhV7Y4pYUf2l+2Sv9OAQqsBksq3lf+o949mJXoVxjCtywcS3Ro=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVcq2jZgnguHRY65TmCiO33GLvpuMXR%2FaYUpwfye2BGlYHxrBvoOxHGQG9IaSfQBU%2Ba3XT0tc0Q%2FE3mmp5TnC%2Ba%2BKwkbpKz45sjB6pGb6CwMg0pq4HkvRRVKtRTc99C54csx3mmz1yTS70%2BDG0mCq2nyRI0PKPvjZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 82473602fc219130-FRA

GET
H2 200 / Show response
services.vlitag.com/adv1/ 574 KB
147 KB 91ms
42ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90e19c288d073d452ce09027e7fbda248cff44b39e76c7cbe721eea53f424ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 161
cf-polished: origSize=587430
etag: W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-11-03T04:18:57 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 824736030f941c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 28ms
27ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5469
etag: "63db96ac-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxJLS1ry2uJHvX%2FqbOz%2FoTH1qOLIAXWdC30hhFgtNTqWQ7v07vb4kTbQc8qlLFE7mYiodq4vf389QKMtTdoEbasmAUcJFZ8eDa9Rzkm%2FDJ11knyQMh53tfCrIf8F%2Fd7gi%2BjPEjwSvYj%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82473602bf971ca1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
i.ibb.co/C9b40PQ/ 90 KB
90 KB 110ms
29ms Image
image/jpeg 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/C9b40PQ/x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: 3e16cdac1cdf4a9d63931608523db9e082dde4a43e7d31ab0a51811f3be5b9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
last-modified: Sat, 11 Nov 2023 14:23:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 91663
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery2.js Show response
simgbb.com/2801/ 114 KB
41 KB 32ms
31ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/jquery2.js
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3631
etag: W/"63db96ac-1c65d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1%2F4GSYMJmNHA8S9clJAND%2FuarkgPtN8HQPwZhA4BfN4KCNqY%2FDk3DqPmgF8zKZCyaNUwCec5PsL4xmkwC%2BuMkzRp0RyDFjB6jkQ1Ans0A%2FhDp3cx1in8X%2FKHwANCt04eRbkluC00TE2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82473602bf9a1ca1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/2801/ 215 KB
62 KB 35ms
34ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.js
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 17:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6357
etag: W/"64c93db0-35a95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXIJN0HqxNu8MBhy%2BMI6%2BST6HMjDSs2PHauev3ui53DyXgXwxfQKsDqAV62qwpb5Y31dt05VgbIWnlNJmzIgpmSMTDuubtBgD48IIqvvPtqXzUFZli1uDnAJHlI97brgijPq8JuwT7YU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82473602bf9c1ca1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 78ms
31ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/2801/ibb.css
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4898
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
server: cloudflare
etag: "63db96ac-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGR%2BDfMw2TJ8IKYbWvb2aFOmVJP08%2BoqGFvCMeowkxSXPBXNkjjtcPktu7aM7ezcip7y7iGin0X%2BWLQq4t1MohfNjeUNTNPRaqFXIz7qZW67a12oMQ6NoHhScwR6kkcBjq1pEb0tQ2sx"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 824736030ac14db8-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 159015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:16:19 GMT

GET
H2 200 x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
i.ibb.co/my9dzN4/ 106 KB
106 KB 29ms
29ms Image
image/jpeg 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/my9dzN4/x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1b02a79decc77ee5b0aede97402dc9bfa3a4bce46cd32dbde6d6aa45d1ab0329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
last-modified: Sat, 11 Nov 2023 14:23:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 108164
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 0
412 B 96ms
42ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/js-cookie-muidn

Requested by

Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 824736039caa18b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/cli/ 42 B
344 B 559ms
513ms XHR
application/json 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e86d389af2386a03755278ca8157ae089707b4d3005771b581166b4ae803aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:34 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82473603ecc5bbd9-FRA
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 push-event-counter
c.usefulcontentsites.com/ 43 B
458 B 154ms
145ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid: d36da482-97cc-406b-b3aa-8315d2b6b4b4
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9AeqxDemaamhPvbnymUpshkf9H2wR2uJITv3VKg8cQoqz8HOvD63XY7vqDp1JluFdIOPJSq4tUiuz9jJY%2Bd4vdP0BD48Ex%2FhqrVXAIqLtAlysJs1gBD4kyCtw6BB1EdxEmpLUuCTLH3JdjC3HN9hFM%2F9Beza6U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://ibb.co
content-type: image/gif
cf-ray: 82473603ed1a9130-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1699678985/ 13 B
266 B 171ms
171ms XHR
application/json 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1699678985/vl.json?page_url=https%3A%2F%2Fibb.co%2Fjwyq4JD
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 824736071b9e7188-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/obj/1699678985/ 44 KB
5 KB 33ms
32ms XHR
application/json 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1699678985/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f35370a51c2ab4fce5f08aca9b480ec8d2a4018d09ef9db3aba883a7596fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 05:03:12 GMT
server: cloudflare
age: 33798
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 824736071ba07188-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 45ms
43ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 128114
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 824736075be51c40-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 03 Nov 2023 08:55:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
31 KB 315ms
93ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7e4640b07040b111882c0754a7b1c6dfaeb08e17c6b7348c215c2d58ab72329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31593
x-xss-protection: 0
server: cafe
etag: 314 / 19672 / 31079511 / config-hash: 5108900474499610176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 363 KB
125 KB 313ms
92ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127386
x-xss-protection: 0
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 53ms
52ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 884888
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 824736075be71c40-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 07 Oct 2023 10:59:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 246ms
25ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 13:42:55 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2621
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: s_gmCkbTMgfdI_Ms9bAZ8kRlGcGqhRZXaX5Xjh8uBOS3OjNk7wR3SQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 63ms
21ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date: Sat, 11 Nov 2023 03:40:32 GMT
x-amz-cf-pop: FRA56-P6
age: 38764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: RSxfFCxdqCIA66wNc0ILlVLZf7u3_0AHeuFWeLSVElYHfOjFBsTVEg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ 427 KB
134 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18009
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136817
x-xss-protection: 0
server: cafe
etag: 14142176788290477171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 10 Nov 2024 09:26:26 GMT

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Fanalyt... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 128ms
56ms Fetch
image/gif 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Fanalytics%252FsetSampling%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fibb.co%252Fjwyq4JD%22%2C%22lv%22%3A%2223.1027.1921%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/jwyq4JD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: T6BVKNT4F6WJQD5V7Y41
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 169q99f4QNI2nze2SmDvEXB8m6xku3Qj6xiuWr3KYlp_q6Yg17IA0Q==

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
802 B 81ms
19ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 13:29:11 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3444
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: 9_Tzb26RN0cYLAKL9JnZIGJcMh1YNrabIfe-41B-CCm8CgSG_67t3Q==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 22ms
22ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:36:02 GMT
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 17432
x-cache: Hit from cloudfront
access-control-allow-origin: https://ibb.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 9uNDPiMbWM1QxT_GsShshFEDZtRRb0f705NDFPp-lwso3LRXhVEhNQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 72ms
29ms Fetch
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231111

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643549c253a9b3cbecea6ab4de324e58234fc9400643902455b3afdcce246ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37546
x-jsd-version: 1.0.1870
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-pe2smZJTpP5v08jAC6pgSJQAaY0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pqqFygvILumBD9FPvRNGxuszdw5YugFBRgfaj4ol26BVJLMMgoJfg%2FVAv71dxlpLC1G%2BbPkerD2fiWIMaCbck4UsFc9oKxmR8x2Pn1WNUNbuR5myBqIMGclR%2F5eW87aZWTPHwlw7JaJwnWgbXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8247360a4d4c927d-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 108ms
63ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2Fjwyq4JD&pid=6Jejjjqc69FSf&cb=0&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: CE73QZ4TFXX84YHV1YTJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3RPrQurTOxt57kUUnUVMpZIYE52HzKxgOAp5q_9w5uduPfL_f2U8JQ==

GET
H2 200 tf-v1.jpeg
px.vliplatform.com/ 0
525 B 188ms
143ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeByyKPBa-ytYt-PMwY-qtYZ-aUqPYZreTyZBRzyzNhqut_cotvRws0NA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W77DJE%2BDKE3ozbpMW%2BikigLlTwgRDxbgqklmzhyqGxMFeX5Ug2dvkWVYQWugcFiRsbYYJpyV2DgJw1N64CiAYN5no8RH8MdRvrBvh%2BGuMgouTP4PEhP3qfA0cYQ6VITtF7s6BZV9GBPBkHmxmPE3ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dc8bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 190ms
146ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMBryPPUq-BBwM-PUrT-qTte-TMMTeTMKKUywRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI0wp7vwjoSam4wImEBdTjl2oVzOd1NTh6%2BG2q69nXLymXAlrQG9nm9dIBL5ihIIJDCZClFSJAKpIt%2BctBK9hCreoVUk7mtW1x8kv42%2Bh2chgMAxPWGauTmeqbIs2gqkmiPpH%2B76ZeaI8qKmzMZQIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dd0bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 193ms
149ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTZArrTrP-wYwU-PMYK-qYUq-qeZwwYytTrqrRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuObw9Xdhk69RQJysg25QW7n3clgoFYEGn5na22JZO4%2BlMqeaLcXTPGbuhx37Tpl6ZV9dNDdyGzPsZos2qHD2MWISU%2BDLYutDtU1u%2FaDu8NtrJv6pXqHjjEWme3cdFXN7qgNSWCqWFOpM%2FDPfkuy%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dcabba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 92ms
65ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2Fjwyq4JD&pid=6Jejjjqc69FSf&cb=1&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: N08K68YWAY30Q6MBF6XV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Q7reH4-VXAbOyhJ2XhbVb5KeqbNlO0M8py55nm0oEEJ4nGOfNx50BQ==

GET
H2 200 x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
i.ibb.co/my9dzN4/ 106 KB
106 KB 28ms
28ms Image
image/jpeg 162.19.58.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/my9dzN4/x-IVmh-FCWAp-W7-Ykn5-Y1j-Vg.jpg
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096669.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1b02a79decc77ee5b0aede97402dc9bfa3a4bce46cd32dbde6d6aa45d1ab0329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
last-modified: Sat, 11 Nov 2023 14:23:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 108164
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
276 B 170ms
144ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYAPAMZyT-rAPe-PZPA-MZeK-AKqPyArqAUZwRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iy7X3%2FIR%2FUfef9FNEw0XIz951Ul9ajvjGGYeOfeI7%2FWx7CVx8jBDGB468LX7Ix88FXleSc7llUwfe%2BgBsoX4wdc%2BT%2BfIbio%2FKCoL8HhCzeA%2BSMpDdW85qiIgeqNCga8OF8Kn9L4Z1fBd4wqSddG7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dcdbba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 80ms
60ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2Fjwyq4JD&pid=6Jejjjqc69FSf&cb=2&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: RMZ2HTV3BNDC83G5ZN4K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ypmFwAnSymM3Y5zmvJRvL50iy2ds9VJffwi2BcZiRc4sPUwKrAWdlQ==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
267 B 164ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNtyTewatK-YUya-PBZa-MtZK-ryTtKMyPZAeeRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCXBbuEwPxdakTpyES6UDHUIey1%2FpU9RwWE1b4g1Lnnpex89xlKnBEFcorLZJsZamQrnu%2FnSkGj8e260RLgGCasFgwK5z6tizxVkhEixdq8WWXswUFJjvjAik9SJobVqihtvAMRrF10iauCsvWnk8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dd3bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 164ms
144ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNtyYPqZZT-TMYe-PTUa-wwtt-rTYAUyeTTAytRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkDQbaVw7cVm%2BaSyAKiywicjYV%2BQFZUC2TFUJt3ZX6c26HmW7vcI04sL5E3d%2BNUu8jYgJpC1yNqDdqPUhlxlTPIKtfxploIQt0n7qcae1WLL%2BKJzKJmXCqUkDFI3bgTtFKOp996CI1xc0w1vSvBJRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a6dd4bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 63ms
63ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2Fjwyq4JD&pid=6Jejjjqc69FSf&cb=3&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 5VWCBS4K3PNWTDWNH2S0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: C8IiUB8-ChybkmrYBdt0qVBrdQQZK507oSN2pj4HtXcP00sGXw93DQ==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 32ms
30ms Image
image/webp 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 359826
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8ed01c40-FRA
expires: Wed, 01 Nov 2023 22:48:55 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 34ms
33ms Image
image/webp 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 359799
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8ed41c40-FRA
expires: Sat, 04 Nov 2023 08:20:28 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 40ms
39ms Image
image/jpeg 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 359805
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8ed81c40-FRA
expires: Wed, 01 Nov 2023 15:47:05 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 36ms
35ms Image
image/webp 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 285266
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8ed91c40-FRA
expires: Wed, 08 Nov 2023 05:21:44 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 39ms
39ms Image
image/webp 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 204946
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8edb1c40-FRA
expires: Thu, 02 Nov 2023 12:03:01 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 38ms
37ms Image
image/webp 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: HIT
age: 1033355
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8247360a8edc1c40-FRA
expires: Tue, 24 Oct 2023 19:35:41 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 144ms
144ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZTtrPZAt-twZy-PZqr-qZrr-waMZABAUZKwTRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igL7slIbUZkpWAx3r7czFbrX%2BlpV7UNfrk4loc8VmLt8nIl%2BgYbOjRHHQoM7wDH749HFeifMqYeGwD3m%2FnxWwYb0tpjbWhQUi8b0%2BMJfZNVEXFMTZcLJNGvPFnsjoPgYGJB2hF4z9AFGGMnEVfElWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360a8dfcbba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

206

videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requiressl=y...
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requir...

150 KB
0

45ms
20ms

Media
video/mp4

2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requiressl=yes&spc=UWF9fyYmP3hPMN_srEwZtBt4XQrzvrsmflEJFKg8Zg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=6sCCPKHZkgxSh2_QpyMQd4kP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=IXhwK8NQu1Z1Pi1a&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRgIhAJ7Saykn1pU3l_y7zm7PoQJZ0spDW6g1VpPRrpXbf6-UAiEAnxHgIY-XsrEHdYFgAGHR-cor2WWdMmIblzNJkYnUsyI%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::4&mm=31&mn=sn-4g5edndk&ms=au&mt=1699712470&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgWn1la6ysONkl33Gay7NJ_ioklRR4F58cuNH8QEVrkmsCIHHAjn9uPTUv8iC2mS9OUOtbl7OiZd43oN6Y8o1wGMOu

Protocol

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 11 Nov 2023 14:26:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=13993
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Sat, 11 Nov 2023 14:26:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:35 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1699727088&ei=kHJPZfW7G7WI_9EP7YquUA&ip=184.164.141.146&id=o-AA-cCaFy5gEV9UDLGwh9WuhPh44oOGASrp7hiWEgIwmX&itag=18&source=youtube&requiressl=yes&spc=UWF9fyYmP3hPMN_srEwZtBt4XQrzvrsmflEJFKg8Zg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=6sCCPKHZkgxSh2_QpyMQd4kP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=IXhwK8NQu1Z1Pi1a&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRgIhAJ7Saykn1pU3l_y7zm7PoQJZ0spDW6g1VpPRrpXbf6-UAiEAnxHgIY-XsrEHdYFgAGHR-cor2WWdMmIblzNJkYnUsyI%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::4&mm=31&mn=sn-4g5edndk&ms=au&mt=1699712470&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgWn1la6ysONkl33Gay7NJ_ioklRR4F58cuNH8QEVrkmsCIHHAjn9uPTUv8iC2mS9OUOtbl7OiZd43oN6Y8o1wGMOu
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 59ms
35ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33705
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230058-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR0SeSF%2BFc0TnJ5PT5KUqMeQCW6Ie%2FTrj8llGElAjbwMfaCAb3ag3DVUw2Slfm2NH0GpC9RGqTtfprD4C1CZ5BOKJaRrDwC70RDAKyOMpfuVjh1ubT%2FL%2FCHzpUULB45C7eJN2fVXrrBotNzmJZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8247360b3ec3914d-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 147 KB
32 KB 83ms
31ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:47:12 GMT
server: cloudflare
x-amz-request-id: T0X0E3CHZTTH9369
age: 969
etag: W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8247360b6cee380a-FRA
x-amz-id-2: q5p5l0hA06hwHSRPXmorz7KPnU+8X+EQk9BZMNRo+BGdrnZ7/EtPZZerWfVIjM5GgEKkMAwwRXQ=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 150ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 14:26:35 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
20 KB 372ms
372ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=594024892429966&correlator=2942178868885762&eid=31079519%2C31079511%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699712795361&lmt=1699712795&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2Fjwyq4JD&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1888832690.1699712795&ga_sid=1699712795&ga_hid=622050887&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcY3oWc9rsxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN-FnPa7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y34Wc9rsxSABSAghk&dlt=1699712793918&idt=1399&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1d9bc406ab51736aea1d430f5ee11e6ca50d5ccd22d5cf172b12d0c54a7631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20750
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 142ms
142ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTBZZawPM-Zwae-PqUB-MUTa-wTqMtAaaBYYURdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv8EqGqaual4F9qoTYmIlk3O6kFDr3kUfwqZAhAkYxvryGMMDReJDPgOROG9UXwVMdhIYkheAJVD6PTWDRpf1oyx2ZvCpubr9%2F8eJbrWajhBk23%2B%2BPqw3hnBvAYOZKYjpIqCRzKArWq2GWDCNqQvOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360b1e9cbba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 122ms
72ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c358b3bc1cf4b2f5acd9c5ba98d4e739fa948947aab947b78646e4e52bf5cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12289
x-xss-protection: 0

GET
H2 200 container.html Show response
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC65 6 KB
3 KB 134ms
56ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:35 GMT
expires: Sun, 10 Nov 2024 14:26:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ 39 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl_page_level_ads.js?cb=31079511

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e25e782696ec95f3f2aa45db9c0e1af92affad513980ae4227b4fb8f4b48c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56989
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13741
x-xss-protection: 0
server: cafe
etag: 16994429882303358738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 22:36:46 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 220ms
219ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=594024892429966&correlator=3118829455062738&eid=31079519%2C31079511%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699712795388&lmt=1699712795&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2Fjwyq4JD&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1888832690.1699712795&ga_sid=1699712795&ga_hid=622050887&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcY3oWc9rsxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN-FnPa7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y34Wc9rsxSABSAghk&dlt=1699712793918&idt=1399&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aab6a01bb3c0cbfb0fa3fe2b051792d74c30a5d827be8525c354fb9d4fc3475b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12773
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370627
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
277 B 142ms
141ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBYTZwaeP-yyqw-PMZa-aKaA-AUYeZBMraZMyRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKEW28zYTUo94uMITmjXTQJ2tdUka0q%2Ffa%2FRV8s4EU10w%2FRoWfKjhcUBRTQt%2B2sVkMbKQdz14c7zB9PxIw%2BVLELKe0pJnfJjBSIuQEC%2BHDfy5PWpRwlxMWB77fv24%2FZtsXYY7g5%2FLPCt672BETC5sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360b3ec4bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
15 KB 373ms
373ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=594024892429966&correlator=757327331815126&eid=31079519%2C31079511%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699712795455&lmt=1699712795&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2Fjwyq4JD&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1888832690.1699712795&ga_sid=1699712795&ga_hid=622050887&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYp4ac9rsxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN-FnPa7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y34Wc9rsxSABSAghk&dlt=1699712793918&idt=1399&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd62bcd59a370c259487dccdc612e77b3452e57f97d33fbcc08e900a3eef3b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 146ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMZBMKeyT-qKTq-PtZr-wPqT-ttqUAytZBwBeRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9olOZfeB0RAFuKZ1z7P%2BzBwPIG0idcv%2FNv0kybIoAqxW7c79tYSFK21DWjJSgHXusfA2NeYLlizUlBFDcWm1MA2BWfgmE9TSzqxgf2%2FeDkl%2BGdd6369jptjjONCZTTMcqiUSoh7M23efIPB1WL5xkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360baf41bba9-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
222 B 72ms
21ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ibb.co
date: Sat, 11 Nov 2023 14:26:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 176ms
111ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BFDE 15 KB
6 KB 113ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 331042
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET container.html
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49F1 0
0

GET
H2 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame 9732 102 KB
26 KB 42ms
33ms Script
application/javascript 2606:4700:10::ac43:15e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 107
cf-polished: origSize=104022
etag: W/"2023-10-17T03:40:56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360cd90e1c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

sid Show response
mug.criteo.com/ Frame BFDE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7XL7pXxlOG5HelNwTkZVS2RaTitoUlIrYUVWWlgwUmVXREdtM3F6TTFvMDdjOTNydXlObU04TTNwZFBabUF0MTVVNUhhUnhveXVhMGxvc3pJWmdQdjk5MjJwTzBBR1I3cDlnd0tWMXBMSEJhZG5xSUpLaXdFRWpua2NBYn...

430 B
656 B

40ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7XL7pXxlOG5HelNwTkZVS2RaTitoUlIrYUVWWlgwUmVXREdtM3F6TTFvMDdjOTNydXlObU04TTNwZFBabUF0MTVVNUhhUnhveXVhMGxvc3pJWmdQdjk5MjJwTzBBR1I3cDlnd0tWMXBMSEJhZG5xSUpLaXdFRWpua2NBYnBoQ2l0WnNSQ3hacmhRbm5jbVdLRHRRYWRJdlV2blF5N0NQaTJCZ0VWL2g4QXdJLzdpMms0clpHM2xzZHBWRzN3MjlSTllJM2Z6SGM3QldiOGRYRlhOQWxuMjgzUkpuSHkxSDdXNkZsMm0zejZ1TkM1Z0w2M2pwQzRBUy9uQ1ptcWl5WlpXeUx4SFVrSkMrbFB5eVdEOFpiSW54Y3pxZz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2366967b326414a468b336c8b7b825c452d90eaec26f00f0be91beb3df37fe38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2181276
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7XL7pXxlOG5HelNwTkZVS2RaTitoUlIrYUVWWlgwUmVXREdtM3F6TTFvMDdjOTNydXlObU04TTNwZFBabUF0MTVVNUhhUnhveXVhMGxvc3pJWmdQdjk5MjJwTzBBR1I3cDlnd0tWMXBMSEJhZG5xSUpLaXdFRWpua2NBYnBoQ2l0WnNSQ3hacmhRbm5jbVdLRHRRYWRJdlV2blF5N0NQaTJCZ0VWL2g4QXdJLzdpMms0clpHM2xzZHBWRzN3MjlSTllJM2Z6SGM3QldiOGRYRlhOQWxuMjgzUkpuSHkxSDdXNkZsMm0zejZ1TkM1Z0w2M2pwQzRBUy9uQ1ptcWl5WlpXeUx4SFVrSkMrbFB5eVdEOFpiSW54Y3pxZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256372
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5289 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 10:40:12 GMT
expires: Sun, 10 Nov 2024 10:40:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98FA 829 B
1 KB 82ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31a93f6ec50f2339370473b311087b1604da751cc0b7a50cadfd8b10a33621b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kKJPt9_7Ql6HZtJP9OLFEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kKJPt9_7Ql6HZtJP9OLFEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:35 GMT
expires: Sat, 11 Nov 2023 14:26:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame 9732 2 B
589 B 203ms
150ms XHR
application/json 2606:4700:20::681a:fa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GibKYVJzkNIAcbvH7CMMRnREAAVxI8G5b4%2Bdrayj4H8sCDicTOZeQn17SowhGRntqVlge%2B6lbJyV2G%2BJ3spYlxMG9WJ6bilDac%2BhC10fOtSnZo50Bj1hqxfeEp2AXQ0Uq3we9EL%2F5w5udvpOjXdoGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360d7feb1c01-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame 9732 0
523 B 208ms
153ms Image
image/jpeg 2606:4700:20::ac43:4b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNZKqetAay-UKKe-PUUA-ayZq-qTqPaqPqUTMKRrdNowwGegRzorNcsoT-aPZBYRleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhIixdlL3gq0saZaDaDFDBFYkjtL3oyOSLLwnRgf38K7m3XnzZS01mI4K%2BuR91T2Vg7gCOlU%2Fi%2FgbuiJX%2F%2FBO4fjVVwDYecc%2BnX1gDLCq%2F7EY0CpJiZ408VonKpxnAWYzhNPWj1EBem6RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360d7bfa9a2d-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5289 39 KB
15 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Nov 2024 09:51:41 GMT

GET
H3 200 container.html Show response
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B485 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:35 GMT
expires: Sun, 10 Nov 2024 14:26:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B485 4 KB
767 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Nov 2023 13:35:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H2 200 ab Show response
ams3-ib.adnxs.com/ Frame C1B3 12 KB
7 KB 99ms
32ms Script
application/javascript 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5325fc593675de36dd31af4d7a8211a9d129f9c4496df70942a5b59b6b4a34c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-creative-id: 474235550
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin: 217.114.218.25; 217.114.218.25; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
pragma: no-cache
an-x-request-uuid: 69f69f3a-3d14-459a-9ee2-455b14cb416e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C1B3 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 09:51:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C1B3 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 18:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 18:27:55 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1B3 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1B3 199 KB
64 KB 99ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ibb.co
URL: https://ibb.co/jwyq4JD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame B485 21 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 18:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 18:37:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98FA 0
0 60ms
60ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311060101&jk=594024892429966&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 container.html Show response
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA93 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:35 GMT
expires: Sun, 10 Nov 2024 14:26:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
536 B 147ms
146ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMeqBKeTy-Uqry-PBPy-wyUK-TTBYreBMrtrMRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BVBaUuA7UgcS74Yt%2FX4ypk8gRB6r62TCBS%2FhcK0Cm8N5yGOSprLuSBHbykYm4Q59H5Xv98kShGojoFohtxN%2FALRRyURJ7breZMNC5v3uWwqJdiLFYHCCKSbKmVHyby6uh97gfout2Nsc2AUaEn%2BMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247360e09cc5d55-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5289 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kO9ZmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CFD1 176 KB
55 KB 222ms
134ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU-PGwAHpwUIVQTVAA0IQqYOut0jaySQvEK5mg&u=%7Cz1YgnrrKRt8kxax0twr6khi%2FiNH1fNfmUr4BXroigUc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DfpD3kgH7kPZ359Ko-EEu0bIFx89_fBUUM-4NZGzOofl5SC9QMWD1qbwfEXq1Z1UT1fQ6S4fK8uvI9R_f93xWr0TtqshCv16-Sd4Bahw30YhrLXZf2w-uwzQVBH_JtaupddI3FftJhxi5uFpGaqFwA5bwjiG4ORyQIV-Sdao51GUB8tjLYLsHKt3twlCexaqn4PgCQmH1RxSK-fDLZhihIP63t0bVyl4eEWGlrAgajw8U1fPr0V_Fc4f6BAxR1iwn8t3DzOomxoWx9Nlz5O0sZ8R5Z9RGP3LKs39zJOSF_O25QSF2KEthLEZ12w9Pnz_lGhSWt0lF7n8d0hJupH4mwY_aJ8gGGTDEOmn3fWQwba1EuQE0pkiDfWRlanH6uUSvM7Hv85HmjQBXswXqyDmhwQKzFcXunLB2AXSHurW2txBVMg0i3BaW9irQL_0XNDOWANE9AH8gjbQJ3AqNQjcG6nPGZZaDEEY1Bzeecv2lPkwrsL1wRZMTrlktzvYka5oDX94Gb-7Vb7KhHjrpF1EC04aegcKZDEo2H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8JKG49PZYXOHtWJ1PIPwpC0-A3JntKxXNWdkfdwwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSWAk_Qbwmm90RPSaFuSieYf9OTV3svu5tTk1bu-nBB7_bhCJyHpwJ-_D2qGbIz1YpMWO3Ru_Yb2oGQDY5Y-xlzVsMZtYQTrEz9y3Expoh2XPhPqp4yZy3Cg_kBbIs88r6c-4ENJ09P9F9wzyv4PnY_xWcAffThXcmImjxOx8wmGJIdgB9yIyduXPyBGeBNkYXPBX5OIqTESoqzfRh7xcjY95RsUFG8upX6oLWbDINMYj03QzMi6WZbmZtQR4NiHIC4crnv1Oh3S4DV8o0tf8I63HjPGxV4OCDvm7WzBV8HUYKWl2ODuXPCgxP6xJG5zi5UFYWNJtrgedpdKCZQRdoqkJnM_q0njyikjkExpijtZ2qASA-4xeOn4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mh4LYKj1WyotvaEF7mfbc_S8baw%26client%3Dca-pub-3960095709930134%26adurl%3D

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

21c6f6310feda6c7cf2ab4910f183d8a2f3caea96fb451b49b808861c7aacbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 14:26:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=atzR3h7halxiiV9o2g_XGL4m2xW-8vfwn3xCyv2L5T-xQfJMWBgW-eYDAN-hE27mY3EN0jBNFybQR-7ONUvotyVE1-QtqjrOxUMsSctyiHO6ba5SRriydbN-lT_QrSEQ2JAbKnbJRGGN6vTdvuaOQrnVY3cg4FR0C8ukHUKKD-Cs4oci_2wXy8E5no7y91ZHCP6C-YhEfGsKfxz2cgDQGdn5Uca-oZ060UJinsmCmsD9V2QjqHwUwE1J673xWjlo95zHEQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76052413
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame EA93 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 09:51:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame EA93 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 18:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 18:27:55 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EA93 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA93 199 KB
63 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:26:35 GMT

GET
H2 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame 9732 36 KB
9 KB 39ms
29ms Script
application/javascript 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 09:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45577
etag: W/"64edb5d6-8eb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BOfiw9zeWmIfpxlCRe%2FkW24IWFLo99QA71YoyJ6oF0eD9j7bR3i5hpwrVOk5EyHtdUqveKzTl3RyiM3YagIEc%2FLhTNqnEGVzBuT53fhpzXppTTTQUwBU5%2Bk10qYUMjPfS7iCJomp1WCWvSCjKM7x2YuzzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8247360eaacfbba9-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 02:16:58 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame C1B3 129 KB
46 KB 140ms
42ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Sun, 05 Nov 2023 05:46:12 GMT
Date: Sat, 11 Nov 2023 14:26:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 31882
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 46953
X-Served-By: cache-lga13622-LGA, cache-cph2320058-CPH
Last-Modified: Thu, 05 Oct 2023 15:31:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1699712796.042970,VS0,VE0
ETag: W/"651ed6df-204b6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 114, 9198

GET
H/1.1 200
OK appnexus-html5-lib-host.min.js Show response
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame C1B3 11 KB
4 KB 123ms
36ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by: Host: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Fri, 27 Jan 2023 02:15:19 GMT
Date: Sat, 11 Nov 2023 14:26:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 43284
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3768
X-Served-By: cache-lga21953-LGA, cache-cph2320055-CPH
Last-Modified: Wed, 23 May 2018 13:47:22 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1699712796.025957,VS0,VE0
ETag: W/"5b0570ea-2b85"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 123924, 5309

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame C1B3 9 KB
3 KB 138ms
42ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Mon, 31 Oct 2022 06:00:23 GMT
Date: Sat, 11 Nov 2023 14:26:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 29600
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2930
X-Served-By: cache-lga21976-LGA, cache-cph2320024-CPH
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1699712796.041228,VS0,VE0
ETag: W/"574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 15236, 6194

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame C1B3 0
532 B 50ms
50ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeE_BDngkAAAMA1gAFAQibnr6qBhDxtO6uxOW-zS4YACo2CSPb-X5qvMQ_ESPb-X5qvMQ_GQAAAKBwPeI_IbKFIAclzMQ_KbINCcAxAAAAgOtRyD8wlTY4tQFA6xtIAlCehZHiAVjRxwFgAGipMXjj8wWAAQGKAQNVU0SSBQbwPJgBwAKgAeADqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA6gHrBWh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWMFDvSABW5ldC9hY2xrP3NhPUwmYWk9Q2k2LUpHNDlQWllXU0daYlctZ2JJLW9qSUF0ZWlycmxncVlUay12b013STIzQVJBQklBQmdsZnFFZ3BnSGdnRVhZMkV0Y0hWaUxUTTVOakF3T1RVM01EazVNekF4TXpUSUFRbXBBdEpMV2ZlZTdiRS00QUlBcUFNQnlBTUNxZ1NTQWtfUXNsWE5XMndINzM5QktORkVFaFY5UzlXVm10cktrQm1jcEJtSC1SUkxQZGpJSHFqVE9aaUVuNGRqVXlMTmpxYkg2ckZTaFFHbGhYR2g3dnFPUEQ3VU8yUlJkUGcyei1IaVpTMTEzYUx5dlF1dkFjWFVrUUwzcHliQUltMmNtTzZQNHhZZFRMZGs5d2RRdjVIRTJLbzhvNEMzQUlDNzRZYkg2bzl0NzdISHRfOGtTencxZFdKc1RLd3ZlQjhnQnBkQnlNcWpxeUZkLWU5NnJqSlVUdjFGcWVPeWFkTjR4NE5CV2RmM3FrUUx0UmFGOHpadThyMGhzM0FZVFdUd0diLUU1VWt0TVU0akJuM0xwZDdrNXRGYkJxU09xNGVfcTN5WjZxN0pPalJkQWVqR0ZiZzNOczBOeXA1cnZwTWRLbXJwdUZ3YnFyQVdBclFNdTY2YzdDQTl5NklGR0lwWmpPT1QzS1RTV3UzUWxhamdCQUdBQnJMOXF1eVZuLVNJYktBR0lhZ0hwcjRicUFlVzJCdW9CNnFic1FLb0I0T3RzUUtvQl8tZXNRS29COS1mc1FMWUJ3RFNDQlFJZ09HQUVCQUJNZ0txQWpvQ2dFQkl2ZjNCT3ZvTEFnZ0JnQXdCMEJVQmdCY0ImbnVtPTEmc2lnPUFPRDY0XzNESHJZeFBTeEZFd080cld1TXBIQkY3NWd3elEmY2xpZW50PWNhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0JmFkdXJsPfABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKTt1ZignZycsIDIzMjE2OTcxLCAwKTt1ZignYycsIDU4Mjc1MTQ2LCAwKTt1ZigncicsIDQ3NDIzNTU1MCwgMCk7kgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBQUFBQXZRSUFBQUFBd0FJQnlBSUIwQUlCMkFJQjRBTHA4cEl4NkFLVmpMeXFCdklDQXpJeU5fZ0NBSUFEQVpnREFhSURFd2pwOHBJeEVBZ1lBQzFjajBJX01nTXlNamVpQXhNSTZmS1NNUkFKR0FBdFhJOUNQeklETWpJM29nTU9DTkwzMFFFUUNoZ0FMUUFBZ0QtNkF3bEJUVk16T2pZd056RGdBX2xFZ0FTbms3UU1pQVNwazdRTWtBUUFtQVFCb0FRVXdRUUFBQUFBQUFBQUFNa0VBQUFBQUFBQUFBRFlCQUR4QkFBQUFBQUFBQUFBaUFXMkw2a0ZBQUFBQUFBQThELXhCUUFBQUFBQUFBQUF3UVZtWm1abVptYm1QOGtGQUFBQVFEc28yal9SQlFBQUFBQUFBQUFBMlFVQUFBQ0E2MUhvUC1BRi1IN3dCY3VHaVF2NEJaeWZrUVNDQmdORlZWS0lCZ0NRQmdHWUJnQ2hCbVptWm1abVp1WV9xQVlFc2dZa0NRQUFBQUFBQUFBQUVRQUFBDcsER1ENCQxBQUFJHQzodUFZS2dRaWljRDNLWnRYWFB3Li6aApkBIUtCaER5Z2pLNnVRYkVKNkZrZUlCR05ISEFTQUFLQUF4Wm0JAog1ajg2Q1VGTlV6TTZOakEzTUVENVJFbVowMlV4c2ZudFAxRQF0CQEERmsJCAEBBEdFAQYJAQBHHRgASB0YEEhnQWlRERAERHcBnSjYAvAG4AJm6gIWaM158ItpYmIuY28vand5cTRKRPICEQoGQURWX0lEEgc4NjcxMTMy8gISCgZDUEdfSUQSCDIzMjE2OTcx8gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DTwkOEBAKBUlPBYEEOTGFEAUhDElPX0MNPjgcCg9DVVNUT01fTU9ERUwBKzgJMTAzMDcwMDU38gIdChYyHwBITEVBRl9OQU1FEgMyMjfyAigKGjYgAAhBU1QBSkBJRklFRBIKMTY5OTY3NzcxNwXXEFNQTElUAWPwfQEwgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDq4vBAeADAOgDAPgDA4AEAJIEBC91YXCYBACiBA4yMTcuMTE0LjIxOC4yNagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjM1NjMjQU1TMzo2MDcw2gQCCAHgBAHwBBJtCCCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWIlmP6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AbyDdoGFgoQCREZAQGcYOAGAfIGAggAgAcBiAcAoAcByAfj8wXSBw0VZAEmCNoHBgFdxBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIIDgiBgoSIkKDAgAEQAhgA&s=dd50cf98f072f10add4e96843f5aab9f334cfd74&bdref=https%3A%2F%2Fibb.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fibb.co%2F,https%3A%2F%2Fedb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fedb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:35 GMT
an-x-request-uuid: 95e88dce-9096-4a66-afe5-a6e16e565c2c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.25; 217.114.218.25; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame C1B3 80 KB
28 KB 143ms
42ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ams3-ib.adnxs.com
URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKeDaCeBgAAAwDWAAUBCJuevqoGEPG07q7E5b7NLhgAKjYJsoUgByXMxD8Rsg0JJBkAAACgcD3iPyERGwApEQnAMQAAAIDrUcg_MJU2OLUBQOsbSAJQnoWR4gFY0ccBYABoqTF44_MFgAEBigEDVVNEkgUG8EyYAcACoAHgA6gBAbABALgBAsABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKQUULGcnLCAyMzIxNjk3MRUpLGMnLCA1ODI3NTE0NhUVMHInLCA0NzQyMzU1NTAFFvCwkgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwPEF3QUlCeUFJQjBBSUIyQUlCNEFMcDhwSXg2QUtWakx5cUJ2SUNBekl5Tl9nQ0FJQURBWmdEQWFJREV3anABKPB9RUFnWUFDMWNqMElfTWdNeU1qZWlBeE1JNmZLU01SQUpHQUF0WEk5Q1B6SURNakkzb2dNT0NOTDMwUUVRQ2hnQUxRQUFnRC02QXdsQlRWTXpPall3TnpEZ0FfbEVnQVNuazdRTWlBU3BrN1FNa0FRQW1BUUJvQVFVd1FRQUFBBcMQQUFNa0UNCiRBQUFEWUJBRHhCAQsNARxpQVcyTDZrRg0PFEE4RC14Qh0_EHdRVm1aBQIMYm1QOAkoHFFEc28yal9SLigA4DJRVUFBQUNBNjFIb1AtQUYtSDd3QmN1R2lRdjRCWnlma1FTQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQgVcOFptWnVZX3FBWUVzZ1lrQx2AAEUdDABHHQwASR0MeHVBWUtnUWlpY0QzS1p0WFhQdy4umgKZASFLQmhEeWc6eQIoTkhIQVNBQUtBQXgJ2ZBabTVqODZDVUZOVXpNNk5qQTNNRUQ1UkVtWjAyVXhzZm50UDFFMSAMQUFGaxkMAEc9XABHHRgASB0YEEhnQWlRERAERHcBnfBA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL2p3eXE0SkTyAhEKBkFEVl9JRBIHODY3MTEzMvICEgoGQ1BHX0lEEghxj0TyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVERDxALCgdDUBUOEBAKBUlPAVkIBzkxhRAA8gEhBElPFSE4HAoPQ1VTVE9NX01PREVMASs4CTEwMzA3MDA1N_ICHQoWMh8ASExFQUZfTkFNRRIDMjI38gIoCho2IAAIQVNUAUpASUZJRUQSCjE2OTk2Nzc3MTcF1xBTUExJVAFj8G0BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzU2MyNBTVMzOjYwNzDaBAIIAeAEAfAEnqFtIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBYiWY_oFBAFuKJAGAJgGALgGAMEGASEwAADwP9AG8g3aBhYKEAkRGQEBnGDgBgHyBgIIAIAHAYgHAKAHAcgH4_MF0gcNFWQBJgjaBwYBXcQYAOAHAOoHAggA8AfRogSKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=66a3dcafa11fbab2e7ddef3c8c778bfc3570ac7a&pp=ZU-PGwAGSQUK3qsWAAI9SIZCVFe9GGldB5rIiw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Sat, 11 Nov 2023 14:26:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 10636217
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-cph2320035-CPH
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1699712796.047963,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 23, 233675

GET
DATA 200
OK truncated
/ Frame EA93 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd4d5e67d3fd018cb9066a189d42dd2b3143f7bc127e2bf49d97ed51605121a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA93 0
0 68ms
66ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCmjCG49PZYXOHtWJ1PIPwpC0-A3JntKxXNWdkfdwwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSTAk_Qbwmm90RPSaFuSieYf9OTV3svu5tTk1bu-nBB7_bhCJyHpwJ-_D2qGbIz1YpMWO3Ru_Yb2oGQDY5Y-xlzVsMZtYQTrEz9y3Expoh2XPhPqp4yZy3Cg_kBbIs88r6c-4ENJ09P9F9wzyv4PnY_xWcAffThXcmImjxOx8wmGJIdgB9yIyduXPyBGeBNkYXPBX5OIqTESoqzfRh7xcjY95RsUFG8upX6oLWbDINMYj03QzMi6WZbmZtQR4NiHIC4crnv1Oh3S4DV8o0tf8I63HjPGxV4OCDvm7WzBV8HUYKWl2ODuXPCgxP6xJG5zmxWNBcNtQrd3wp68qpwrH4kt5N69IM_DZxss-fDGTbBf_JK3C9R4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM5NjAwOTU3MDk5MzAxMzQY0q5t&sigh=QILLhFceFLg&uach_m=[UACH]&cid=CAQSTwDICaaNTJrO4IOevtox1_EZoQe3VpvJjjjvmlMM9AtuG_isZ-DLADGdr4DxeRzZcdPCkHihZ3KMMvq7PyffT_uver0RJkgf3iW0s6IhMPUYAQ&cbvp=2&vis=1
Requested by: Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame EA93 0
126 B 105ms
33ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kpXPF-jMCcoHWp2DYgICAAAACaz4N0rN0n3Zd5zhEBuPT2U0Ic4Bsqrm37EOAAASAAAKCkFRVUJEd0VCRHc&wp=ZU-PGwAHpwUIVQTVAA0IQqYOut0jaySQvEK5mg&cbvp=2

Requested by

Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 126426
server: Kestrel
content-length: 0

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 9732 5 KB
3 KB 285ms
217ms XHR
application/json 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https://ibb.co/jwyq4JD&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00cc865426fbbbe4e1477c5e10d397bfc3976e25c7cb124205efd2c7714e1371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: 5a493930f7767b38fe651827a2d432b7
content-length: 2876
x-served-by: cache-lga21942-LGA, cache-fra-etou8220087-FRA
x-timer: S1699712796.094419,VS0,VE192
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CFD1 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU-PGwAHpwUIVQTVAA0IQqYOut0jaySQvEK5mg&u=%7Cz1YgnrrKRt8kxax0twr6khi%2FiNH1fNfmUr4BXroigUc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DfpD3kgH7kPZ359Ko-EEu0bIFx89_fBUUM-4NZGzOofl5SC9QMWD1qbwfEXq1Z1UT1fQ6S4fK8uvI9R_f93xWr0TtqshCv16-Sd4Bahw30YhrLXZf2w-uwzQVBH_JtaupddI3FftJhxi5uFpGaqFwA5bwjiG4ORyQIV-Sdao51GUB8tjLYLsHKt3twlCexaqn4PgCQmH1RxSK-fDLZhihIP63t0bVyl4eEWGlrAgajw8U1fPr0V_Fc4f6BAxR1iwn8t3DzOomxoWx9Nlz5O0sZ8R5Z9RGP3LKs39zJOSF_O25QSF2KEthLEZ12w9Pnz_lGhSWt0lF7n8d0hJupH4mwY_aJ8gGGTDEOmn3fWQwba1EuQE0pkiDfWRlanH6uUSvM7Hv85HmjQBXswXqyDmhwQKzFcXunLB2AXSHurW2txBVMg0i3BaW9irQL_0XNDOWANE9AH8gjbQJ3AqNQjcG6nPGZZaDEEY1Bzeecv2lPkwrsL1wRZMTrlktzvYka5oDX94Gb-7Vb7KhHjrpF1EC04aegcKZDEo2H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8JKG49PZYXOHtWJ1PIPwpC0-A3JntKxXNWdkfdwwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSWAk_Qbwmm90RPSaFuSieYf9OTV3svu5tTk1bu-nBB7_bhCJyHpwJ-_D2qGbIz1YpMWO3Ru_Yb2oGQDY5Y-xlzVsMZtYQTrEz9y3Expoh2XPhPqp4yZy3Cg_kBbIs88r6c-4ENJ09P9F9wzyv4PnY_xWcAffThXcmImjxOx8wmGJIdgB9yIyduXPyBGeBNkYXPBX5OIqTESoqzfRh7xcjY95RsUFG8upX6oLWbDINMYj03QzMi6WZbmZtQR4NiHIC4crnv1Oh3S4DV8o0tf8I63HjPGxV4OCDvm7WzBV8HUYKWl2ODuXPCgxP6xJG5zi5UFYWNJtrgedpdKCZQRdoqkJnM_q0njyikjkExpijtZ2qASA-4xeOn4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mh4LYKj1WyotvaEF7mfbc_S8baw%26client%3Dca-pub-3960095709930134%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CFD1 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CFD1 308 B
636 B 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CFD1 293 B
621 B 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CFD1 43 B
348 B 85ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hUi77yvTBBhsGpjeuij4ZRoOtC8_IpKS3M8KIYEyJkBTYx-HWDwx5gIfiRctu7eBx5J0q_vMxtBYpQ_DFty7xnpjleEokPdmW2yRrOy2Rcl9S2INGpTx_EALiv1D9eyh00y-X_sukwOfr-iUQ5o6swFMl1-YwFAwo-RMc3XRxbYFsP0YGYBQsKbXl0YstfT5FNLGV76HBh0Y2cKilhjeeBCvjI5gTnB9TyWh9PQQVSAL_wJc-JR7nZlSsc-GTNmZkQI57VjG9Y-goF_CVOgcKaMEFKyfhqB8A0g-qpZ6ondGL-eluPMbKbXQ0S9mWMTV7E7mUEZNJz1ujLt9_RjHGwBSTvNM3ZynnoZzHvl9rKhrXWoa8ue79RQC_FPOwXo_A9Yd5rWhn7xZDx6F1FNIH863rQljRR183c2msWxwHxgmr5_a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2100977
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame CFD1 44 B
581 B 121ms
48ms Image
image/gif 2600:9000:223c:d600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1699712795
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU-PGwAHpwUIVQTVAA0IQqYOut0jaySQvEK5mg&u=%7Cz1YgnrrKRt8kxax0twr6khi%2FiNH1fNfmUr4BXroigUc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DfpD3kgH7kPZ359Ko-EEu0bIFx89_fBUUM-4NZGzOofl5SC9QMWD1qbwfEXq1Z1UT1fQ6S4fK8uvI9R_f93xWr0TtqshCv16-Sd4Bahw30YhrLXZf2w-uwzQVBH_JtaupddI3FftJhxi5uFpGaqFwA5bwjiG4ORyQIV-Sdao51GUB8tjLYLsHKt3twlCexaqn4PgCQmH1RxSK-fDLZhihIP63t0bVyl4eEWGlrAgajw8U1fPr0V_Fc4f6BAxR1iwn8t3DzOomxoWx9Nlz5O0sZ8R5Z9RGP3LKs39zJOSF_O25QSF2KEthLEZ12w9Pnz_lGhSWt0lF7n8d0hJupH4mwY_aJ8gGGTDEOmn3fWQwba1EuQE0pkiDfWRlanH6uUSvM7Hv85HmjQBXswXqyDmhwQKzFcXunLB2AXSHurW2txBVMg0i3BaW9irQL_0XNDOWANE9AH8gjbQJ3AqNQjcG6nPGZZaDEEY1Bzeecv2lPkwrsL1wRZMTrlktzvYka5oDX94Gb-7Vb7KhHjrpF1EC04aegcKZDEo2H&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8JKG49PZYXOHtWJ1PIPwpC0-A3JntKxXNWdkfdwwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSWAk_Qbwmm90RPSaFuSieYf9OTV3svu5tTk1bu-nBB7_bhCJyHpwJ-_D2qGbIz1YpMWO3Ru_Yb2oGQDY5Y-xlzVsMZtYQTrEz9y3Expoh2XPhPqp4yZy3Cg_kBbIs88r6c-4ENJ09P9F9wzyv4PnY_xWcAffThXcmImjxOx8wmGJIdgB9yIyduXPyBGeBNkYXPBX5OIqTESoqzfRh7xcjY95RsUFG8upX6oLWbDINMYj03QzMi6WZbmZtQR4NiHIC4crnv1Oh3S4DV8o0tf8I63HjPGxV4OCDvm7WzBV8HUYKWl2ODuXPCgxP6xJG5zi5UFYWNJtrgedpdKCZQRdoqkJnM_q0njyikjkExpijtZ2qASA-4xeOn4AQBgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Mh4LYKj1WyotvaEF7mfbc_S8baw%26client%3Dca-pub-3960095709930134%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: aKK5qoHHmM2f1RcUL-8Gv0INMJFUEYcU1yFFR40CodIHRoyW-kyDcg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame CFD1 57 KB
57 KB 143ms
71ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 20 Apr 2023 14:26:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"64414b86-e41c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 160ms
110ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 11 Nov 2023 14:26:36 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ Frame C1B3 0
104 B 110ms
110ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK index.html Show response
crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/ Frame 5862 20 KB
6 KB 106ms
21ms Document
text/html 23.213.164.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-226.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 8de0e308adeaa8bb6d2b568dff10553a2de5568b8333845060fdd68b9e78fef0

Request headers

Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5508
Content-MD5: KqRG/07pmu6EDQ/7lfEsbQ==
Content-Type: text/html
Date: Sat, 11 Nov 2023 14:26:36 GMT
Expires: Tue, 26 Dec 2023 14:26:36 GMT
Last-Modified: Mon, 30 Oct 2023 14:03:16 GMT
Server: nginx/1.21.3
Vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c256558f-601e-0032-7912-0c158d000000
x-ms-version: 2009-09-19

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame C1B3 0
583 B 30ms
30ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2Fjwyq4JD&e=wqT_3QKBEfBDgQgAAAMA1gAFAQibnr6qBhDxtO6uxOW-zS4YACo2CSPb-X5qvMQ_ESPb-X5qvMQ_GQAAAKBwPeI_IbKFIAclzMQ_KbINCcAxAAAAgOtRyD8wlTY4tQFA6xtIAlCehZHiAVjRxwFgAGipMXjj8wWAAQGKAQNVU0SSBQbwPJgBwAKgAeADqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA6gHrBWh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWMFDvSABW5ldC9hY2xrP3NhPUwmYWk9Q2k2LUpHNDlQWllXU0daYlctZ2JJLW9qSUF0ZWlycmxncVlUay12b013STIzQVJBQklBQmdsZnFFZ3BnSGdnRVhZMkV0Y0hWaUxUTTVOakF3T1RVM01EazVNekF4TXpUSUFRbXBBdEpMV2ZlZTdiRS00QUlBcUFNQnlBTUNxZ1NTQWtfUXNsWE5XMndINzM5QktORkVFaFY5UzlXVm10cktrQm1jcEJtSC1SUkxQZGpJSHFqVE9aaUVuNGRqVXlMTmpxYkg2ckZTaFFHbGhYR2g3dnFPUEQ3VU8yUlJkUGcyei1IaVpTMTEzYUx5dlF1dkFjWFVrUUwzcHliQUltMmNtTzZQNHhZZFRMZGs5d2RRdjVIRTJLbzhvNEMzQUlDNzRZYkg2bzl0NzdISHRfOGtTencxZFdKc1RLd3ZlQjhnQnBkQnlNcWpxeUZkLWU5NnJqSlVUdjFGcWVPeWFkTjR4NE5CV2RmM3FrUUx0UmFGOHpadThyMGhzM0FZVFdUd0diLUU1VWt0TVU0akJuM0xwZDdrNXRGYkJxU09xNGVfcTN5WjZxN0pPalJkQWVqR0ZiZzNOczBOeXA1cnZwTWRLbXJwdUZ3YnFyQVdBclFNdTY2YzdDQTl5NklGR0lwWmpPT1QzS1RTV3UzUWxhamdCQUdBQnJMOXF1eVZuLVNJYktBR0lhZ0hwcjRicUFlVzJCdW9CNnFic1FLb0I0T3RzUUtvQl8tZXNRS29COS1mc1FMWUJ3RFNDQlFJZ09HQUVCQUJNZ0txQWpvQ2dFQkl2ZjNCT3ZvTEFnZ0JnQXdCMEJVQmdCY0ImbnVtPTEmc2lnPUFPRDY0XzNESHJZeFBTeEZFd080cld1TXBIQkY3NWd3elEmY2xpZW50PWNhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0JmFkdXJsPfABAIoCaHVmKCdhJywgODY3MTEzMiwgMCk7dWYoJ2knLCA5MTc4ODAzLCAwKTt1ZignZycsIDIzMjE2OTcxLCAwKTt1ZignYycsIDU4Mjc1MTQ2LCAwKTt1ZigncicsIDQ3NDIzNTU1MCwgMCk7kgL1BCE3SDc2WkFqSzZ1UWJFSjZGa2VJQkdBQWcwY2NCTUFBNEFFQUFTT3NiVUpVMldBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFkdEFGd1piZThNX3dRRXZNandKT016RVA4a0JBQUFBQUFBQThEX1pBWm5UWlRHeC1lMF80QUd6bmJBRTlRRXpNek1fbUFJQW9BSUJ0UUlBQUFBQXZRSUFBQUFBd0FJQnlBSUIwQUlCMkFJQjRBTHA4cEl4NkFLVmpMeXFCdklDQXpJeU5fZ0NBSUFEQVpnREFhSURFd2pwOHBJeEVBZ1lBQzFjajBJX01nTXlNamVpQXhNSTZmS1NNUkFKR0FBdFhJOUNQeklETWpJM29nTU9DTkwzMFFFUUNoZ0FMUUFBZ0QtNkF3bEJUVk16T2pZd056RGdBX2xFZ0FTbms3UU1pQVNwazdRTWtBUUFtQVFCb0FRVXdRUUFBQUFBQUFBQUFNa0VBQUFBQUFBQUFBRFlCQUR4QkFBQUFBQUFBQUFBaUFXMkw2a0ZBQUFBQUFBQThELXhCUUFBQUFBQUFBQUF3UVZtWm1abVptYm1QOGtGQUFBQVFEc28yal9SQlFBQUFBQUFBQUFBMlFVQUFBQ0E2MUhvUC1BRi1IN3dCY3VHaVF2NEJaeWZrUVNDQmdORlZWS0lCZ0NRQmdHWUJnQ2hCbVptWm1abVp1WV9xQVlFc2dZa0NRQUFBQUFBQUFBQUVRQUFBDcsER1ENCQxBQUFJHQzodUFZS2dRaWljRDNLWnRYWFB3Li6aApkBIUtCaER5Z2pLNnVRYkVKNkZrZUlCR05ISEFTQUFLQUF4Wm0JAog1ajg2Q1VGTlV6TTZOakEzTUVENVJFbVowMlV4c2ZudFAxRQF0CQEERmsJCAEBBEdFAQYJAQBHHRgASB0YEEhnQWlRERAERHcBnSjYAvAG4AJm6gIWaM158O1pYmIuY28vand5cTRKRIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAogQOMjE3LjExNC4yMTguMjWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA4zNTYzI0FNUzM6NjA3MNoEAggB4AQB8ASehZHiAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYiWY_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbyDdoGFgoQAAAAAAAABRYFAQGcYOAGAfIGAggAgAcBiAcAoAcByAfj8wXSBw0VZAEmDNoHBggFCbzgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggOCIGChIiQoMCAARACGAA.&s=ddfb6a34bc7eebf019230d44eedfe76f6c9d724d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=320&bh=480&sid=4304421441076949473&vd=ct~0|rr~0&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=6933&cid=3&cr=nv&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:36 GMT
an-x-request-uuid: be74dd7f-933f-4dbb-b3f1-edb3b3890e50
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.25; 217.114.218.25; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CFD1 12 KB
5 KB 75ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 122371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRv54VEof2I9XaEz0iu4Z6y7slvIpkxCckhE7avISc06fAltewjVcx%2BuWMsxABhSlnpRN7T1G29tgGLY4gtdmHhcOfHK1sqkgag1sBXN11WqQsX1LGce6Y6QMDlnlQcTbuwN0zXQeCU9R3vG%2FFfPofMw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82473610d89a9b6e-FRA
expires: Thu, 31 Oct 2024 14:26:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CFD1 12 KB
6 KB 38ms
38ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 7 KB
7 KB 143ms
72ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=256&rid=4&s=nj_OBTNTFzB7xL-NVOJP12cd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a9590a47c67d39dd16c7602ac0567db7d52913f28995584756a10ffadb7df15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7064
expires: Fri, 04 Oct 2024 03:42:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 6 KB
6 KB 112ms
41ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoInterSearch-Executive-Consultants-GmbH-Co-KG-187325DE-2002271656.gif%3Feb%3D1&v=3&w=400&rid=4&s=ea49tQW9JqYbGmxnJ0KYw1tg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc76ae3d24eb98b0860610051f666c8ff915d4be46cdb1a5f88272c8bf101dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 6210
expires: Sat, 11 Nov 2023 14:34:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 4 KB
5 KB 137ms
66ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoBWI-GmbH-82433DE-2208161325.gif%3Feb%3D1&v=3&w=400&rid=4&s=EtBeg5nQSnr_a19B0xzUOSo-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc3b04e00cede182123138355e4659b44ea24ad4a89243615203533591cedc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 4456
expires: Sun, 12 Nov 2023 12:44:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 1 KB
1 KB 105ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHensoldt-c-o-Airbus-DS-Electronics-and-Border-173428DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=P1V-JNiL37ZgaIVtecxTW2tN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8272f3273f1554eff059ac2ceeaefeff4528117d33805bf54cb9da658909e24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 1250
expires: Sun, 12 Nov 2023 10:30:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 1 KB
2 KB 145ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoKPS-Prufservice-GmbH-150470DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=t_bCngq8RFvljqjcVGRGcupg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

384092f3b0f214fed0106e9987355e77ad0735bab4acc2bb2c51c53e02d4e321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86374
timing-allow-origin: *
content-length: 1394
expires: Sat, 11 Nov 2023 19:27:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 2 KB
2 KB 104ms
34ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoS-Kreditpartner-GmbH-93756DE-2310111728.gif%3Feb%3D1&v=3&w=400&rid=4&s=rsWXp0n35BD-ot3VpRGBViCt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6df3167422208b5555fc2922abaf1baddf84e465bcd45c19c79bdc591e2a487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86392
timing-allow-origin: *
content-length: 1935
expires: Sat, 11 Nov 2023 22:22:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 766 B
977 B 44ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoHDI-Service-AG-221127DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=KWbJITQx4S4FX1TcaT8m2HuC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aa1cc4a9d7e24348ad5d5cc461f8015fb07cfc3e0fc6f6663968b20920088cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=85422
timing-allow-origin: *
content-length: 766
expires: Sun, 12 Nov 2023 04:02:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 878 B
1 KB 42ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2Flogooperational-services-GmbH-Co-KG-72471DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=d9Yh9AUAiTwAFUJt20r0YRri&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a1a4aa5768b7d11ce36c2972af75f7f5a9e7c66a475f5e381fee3ae7cf0f7773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86340
timing-allow-origin: *
content-length: 878
expires: Sun, 12 Nov 2023 11:52:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CFD1 3 KB
3 KB 41ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoPoyry-Deutschland-GmbH-66755DE-2001031117.gif%3Feb%3D1&v=3&w=400&rid=4&s=R6UyyIXeSMHhjaxZu-VbqREF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81871e1c8b0148c1e88d8fb7ce6bccd0747cf99ab319a54fff22f51485d95e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=43200
timing-allow-origin: *
content-length: 2956
expires: Sat, 11 Nov 2023 19:45:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CFD1 0
128 B 111ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=atzR3h7halxiiV9o2g_XGL4m2xW-8vfwn3xCyv2L5T-xQfJMWBgW-eYDAN-hE27mY3EN0jBNFybQR-7ONUvotyVE1-QtqjrOxUMsSctyiHO6ba5SRriydbN-lT_QrSEQ2JAbKnbJRGGN6vTdvuaOQrnVY3cg4FR0C8ukHUKKD-Cs4oci_2wXy8E5no7y91ZHCP6C-YhEfGsKfxz2cgDQGdn5Uca-oZ060UJinsmCmsD9V2QjqHwUwE1J673xWjlo95zHEQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CFD1 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CFD1 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Nov 2024 14:26:36 GMT

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame 5862 9 KB
3 KB 42ms
42ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Mon, 31 Oct 2022 06:00:23 GMT
Date: Sat, 11 Nov 2023 14:26:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 29600
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2930
X-Served-By: cache-lga21976-LGA, cache-cph2320024-CPH
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1699712796.319916,VS0,VE0
ETag: W/"574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 15236, 6195

GET
H/1.1 404
Not Found main.jpg
crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/ Frame 5862 215 B
215 B 225ms
224ms Image
application/xml 23.213.164.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/main.jpg
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-226.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 838937322ebd1e116aa6b9a5cc102e610660a768c6a25f5cb63e9f635948aba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Sat, 11 Nov 2023 14:26:36 GMT
Server: nginx/1.21.3
Content-Type: application/xml
x-ms-request-id: cf2b7e60-901e-00ed-4fab-145eb7000000
Cache-Control: max-age=86400
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 215
Expires: Sun, 12 Nov 2023 14:26:36 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame B2C0 13 KB
14 KB 68ms
19ms Image
image/svg+xml 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 14:26:36 GMT
date: Sat, 11 Nov 2023 14:26:36 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame B2C0 990 B
1 KB 70ms
21ms Image
image/svg+xml 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 14:26:36 GMT
date: Sat, 11 Nov 2023 14:26:36 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6IjQ2ZTgwODdmYjIzMWIzODFkZDljMTgxYzM4NDU0ZWFkOWE2NmFhZDFmYTE3NDZhODdiMzAzNWNlYjBkMGQ4YTIiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame B2C0 11 KB
11 KB 129ms
36ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ2ZTgwODdmYjIzMWIzODFkZDljMTgxYzM4NDU0ZWFkOWE2NmFhZDFmYTE3NDZhODdiMzAzNWNlYjBkMGQ4YTIiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: ibb.co
URL: https://ibb.co/jwyq4JD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04f06597f680af8ab62eaa9a54ee375a3f0903dd5c503cf09665de017a9557f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:36 GMT
last-modified: Tue, 31 Oct 2023 12:47:07 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2012856
access-control-allow-credentials: false
x-traceid: feae11d10201c1ce8bcdda9c6cec5e0c
timing-allow-origin: *, *
content-length: 11424

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame 9732 2 B
278 B 446ms
113ms Image
text/plain 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ca10dae8e10b03043d4f43127142098f_198067_1699712796242
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Sat, 11 Nov 2023 14:26:36 GMT
content-encoding: br
X-TraceId: bc40771de5cbe39f6f129c0ba2296280
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 9732 4 B
325 B 478ms
115ms Image
application/json 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=ca10dae8e10b03043d4f43127142098f&position=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Nov 2023 14:26:36 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 2d20525232459bb6569de044228596e7
Content-Length: 4
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311060101&jk=594024892429966&bg=!5uWl5arNAAZxrfrxUa07ADQBe5WfOB6jQrcDwzzKADyf29rjoRx1yyRVZ7xAXfRCh5k-_dWnOKQlko11Op8S6JZZFqpTAgAAAH9SAAAABWgBBwoAGkslUZkYqcDiDjSrVB8fHqM_If0m8u2rdXRmmQK4_dZQxVZngbay-nEv2ha7KYrl8cLjLtB7zuFWEWdvCFRTue3JSYP2zP6w5WUoI8PXbDw5A4xZoPBSZU-GDA4umAnZSpRF9_GwJtSHQrDIoMOLPDlGbGqHk8ShQKOorWvNv3-wvm4vmTYPLwCknA-dwN-ym-UL3tQ4s1Hi-9U-yTGwQSWhe830D2mjqwEedM8NBz2NkONvmc7gFsozm-3CRZrmKqBCN5YfH845DMtVXty9CealxWdUSziEoEsWg_OBu6N3AK-1eDWIN4T2qc3O5gCIz1GGA-PgPpnQsTdHF56vBOfp9jsa9WQAE2pQ8ndk3v5bb0ABFi9ThQ-jUZBbD4sndTfq1_f2d4650rlaVjqy9KKVkaEmcBEul1nI3qY4HsD-hzuixH39JJ7d3eYLUHZQX1VxbSIq9fjoDvt6bWfGGx5PEA1p6Qxdtfs1MS8VwS0gA9VQezE72eeXq7xR4D4AHL0MeZspilwDDg-AadwBB0EHE3_hYYTICwCeMRbaNMgM34DYQnc78wEkvr3EmVNdDcNQnfKRIY5Nn19z---7CfrQF7BaHqjaGIzQWUP6LATgyfQ42dnH4CEBqQbq_bP2gf_4zk75aRLoZdfOXiKCvOM-fw6dQYOLjIQvSFaimLJ4gOicxDA0p455JFooP75DmT4A_WTfPnJNO-TRyDn2eieXAAwqQlfmSncqmCTE6QWjINVPMG-nqejdPLyYldejs2fa4-RaKWO5hfVPgPGvLjSqd-OkPycsjrhOXDPlCALTtCp0vgjmJYE5oQ2lBEKhOuwcaJMqx9E2ZZAUs39moyq9epfjH5pstKxIcrMbt3UZmr6pXrHxDA5onsXtsWHUhvjRES8WvI_VRiD7li1h2V3cS5B9ZIuL417ycvdMCFZyZFopy5NEMO48n2q4fKYA8KHNuyFl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1 200
OK NjUyNzhmOWFhNTIxYV94QjRXQllsaHM2LTIwMjMtOS0xMi04LTE4LTItODYuanBn.jpg
crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/ Frame 5862 119 KB
119 KB 31ms
30ms Image
image/jpeg 23.213.164.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/NjUyNzhmOWFhNTIxYV94QjRXQllsaHM2LTIwMjMtOS0xMi04LTE4LTItODYuanBn.jpg
Requested by: Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-226.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: ebbb1addf06909f4e2829b46b5eaf9ecf3935ab1367e57ff03cf59d7f563cdda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 11 Nov 2023 14:26:36 GMT
Last-Modified: Mon, 30 Oct 2023 14:03:16 GMT
Server: nginx/1.21.3
Content-MD5: 0z3breRPw13xHS59XvXgww==
ETag: 0x8DBD950F6E92D4D
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 1598fec1-d01e-0008-5a12-0c0ff5000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 121625
Expires: Tue, 26 Dec 2023 14:26:36 GMT

GET
H/1.1 200
OK NjUwMDZkZWM1NjA1MF9BbFJHczUxYnZBLTIwMjMtOC0xMi0xNS01NS01NS05MTAucG5n.png
crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/ Frame 5862 7 KB
7 KB 62ms
21ms Image
image/png 23.213.164.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/NjUwMDZkZWM1NjA1MF9BbFJHczUxYnZBLTIwMjMtOC0xMi0xNS01NS01NS05MTAucG5n.png
Requested by: Host: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-226.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 37dcb8c682f0358571281c93cfba19ce15ea74be9ec03195b8961fd9a36b0bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fssclick2%3Fe%3DwqT_3QKQAfBlkAAAAAMAxBkFAQibnr6qBhDxtO6uxOW-zS4YACCVNii1ATDrGzgCQJ6FkeIBSNHHAVAAWgNVU0RiA1VTRGjAAnDgA3ipMYAB4_MFiAEBkAECmAEFoAECqQEj2_l-arzEP7EBI9v5BQpQuQEAAACgcD3iP8EBsoUgByXMxD_JFQoY2AHwBuABAA..%2Fs%3De5113644cbe181b2419be64a22352942c5aafd0b%2Fip%3D217.114.218.25%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521KBhDygjK6uQbEJ6FkeIBGNHHASAAKAAxZmZmZmZm5j86CUFNUzM6NjA3MED5REmZ02UxsfntP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMzU2MyNBTVMzOjYwNzA%3D%2Fbn%3D96739%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCi6-JG49PZYWSGZbW-gbI-ojIAteirrlgqYTk-voMwI23ARABIABglfqEgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQmpAtJLWfee7bE-4AIAqAMByAMCqgSSAk_QslXNW2wH739BKNFEEhV9S9WVmtrKkBmcpBmH-RRLPdjIHqjTOZiEn4djUyLNjqbH6rFShQGlhXGh7vqOPD7UO2RRdPg2z-HiZS113aLyvQuvAcXUkQL3pybAIm2cmO6P4xYdTLdk9wdQv5HE2Ko8o4C3AIC74YbH6o9t77HHt_8kSzw1dWJsTKwveB8gBpdByMqjqyFd-e96rjJUTv1FqeOyadN4x4NBWdf3qkQLtRaF8zZu8r0hs3AYTWTwGb-E5UktMU4jBn3Lpd7k5tFbBqSOq4e_q3yZ6q7JOjRdAejGFbg3Ns0Nyp5rvpMdKmrpuFwbqrAWArQMu66c7CA9y6IFGIpZjOOT3KTSWu3QlajgBAGABrL9quyVn-SIbKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3DHrYxPSxFEwO4rWuMpHBF75gwzQ%2526client%253Dca-pub-3960095709930134%2526adurl%253Dhttps%25253A%25252F%25252Fhansefit.de%25252F%25253Futm_source%25253Dplista.com%252526utm_medium%25253Dcpc%252526utm_campaign%25253Dawareness%252526utm_term%25253D1k%252526utm_content%25253Dsocial_awareness
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 11 Nov 2023 14:26:36 GMT
Last-Modified: Mon, 30 Oct 2023 14:03:16 GMT
Server: nginx/1.21.3
Content-MD5: IZCv71cq4HeKWrFsKE1Uiw==
ETag: 0x8DBD950F6E5D5B8
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: e8037dd3-201e-0103-2312-0c0a93000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 6933
Expires: Tue, 26 Dec 2023 14:26:36 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA93 42 B
174 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWuf_XT30Hk_e42zySbCF0nYGEviu4R5fjzNijA2FjPMue4DBHPjo05iqSLPBWhbBRA6GQ1tAh5pT0a-WlEHK5VBLhk0dwswVRtvePrrtM_f1IDEaq&sig=Cg0ArKJSzIsRfqzz8XtDEAE&id=lidar2&mcvt=1000&p=1176,314,1266,1284&mtos=674,834,1000,1028,1046&tos=674,160,166,28,18&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699712795837&rpt=153&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Nov 2023 14:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
506 B 143ms
143ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-MeqBKeTy-Uqry-PBPy-wyUK-TTBYreBMrtrMRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:26:37 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 14:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjGAebQQCvpcFGRmAW5xoP%2BJ%2Ftv6a6zDhoo180i4R%2BxxLVmBY4FNmY0Z%2Bh5rx0GIizaAZX6vm8FUSiFz4kvZgYtXb10mfw%2BOqPuwa7ATPvXvvjFHw%2BZLOwnhM%2FrSjnPmw%2BbMlfvaq8Ytp%2BDaDMdIHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8247361599ff5d55-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 all
csm.eu.criteo.net/ Frame CFD1 0
127 B 38ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 11 Nov 2023 14:26:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:08:34	Name: __cf_bm Value: R.wWxy8U9NDe5pVRcS3is1vcGDJopYP5ey22qTlni5U-1699712794-0-ARdZmJKWIa7JnQEEK5Icw0hek/yGhItRWsN6VFkXl/ngH0VvWeaP4Cjv8KnltXDu3pxtg9LcunrrxU1+JmnPR6c=
ibb.co/	1970-01-20 17:34:56	Name: __ppIdCC Value: ivv_xo210..7167.4707
.ibb.co/	1970-01-20 16:48:51	Name: sharedid Value: 1046921c-0d8a-4afa-bef3-626d91377c20
.ibb.co/	1970-01-20 16:48:51	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.criteo.com/	1970-01-21 01:30:08	Name: uid Value: fca7a584-745c-46d0-a48e-118a2fb33e7b
.ibb.co/	1970-01-21 01:30:08	Name: cto_bundle Value: jBOcE19JRDk4VXNhOWNKWkY3RHIxWDhNbTNLSTRiVTRwTFhDZHg4VmklMkYzeElQaUZqWmtUMnBxV1FxJTJGcm51VjJPOGhGeGt2YkVTWURBZmh1b0Q3RyUyRklUVVhQcG5FVW5wbXd3TkpzQld6MmJab0FOQUc0RVdndFZZTXFPSGRxdWx1VCUyRnhleERac09vajJhcHB3SEJNcHUlMkJIeFN3JTNEJTNE
.ibb.co/	1970-01-21 01:30:08	Name: __gads Value: ID=e80f3178f6fe80e1:T=1699712795:RT=1699712795:S=ALNI_Mb1oi2SDedOgy1zsFUNMssInulImA
.ibb.co/	1970-01-21 01:30:08	Name: __gpi Value: UID=00000cbfc9c647ea:T=1699712795:RT=1699712795:S=ALNI_MaobSDxBNvSDQR2BXzyBjanfJNpOg
.adnxs.com/	1970-01-20 18:18:08	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GU'hczcQ!]tbP6j2F-XstGt!@Dvq$yyA!
.doubleclick.net/	1970-01-21 01:30:08	Name: IDE Value: AHWqTUk5Nj2ljCyibnNJG0EtlNzxOUpPunvfuWHYYOSyFy14dK157ruygl1iFSVTlII

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://crcdn01.adnxs-simple.com/creative20/p/3563/2023/10/30/51580940/main.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ads.eu.criteo.com
adsystem.pocpoc.io
ams3-ib.adnxs.com
assets.vlitag.com
c.amazon-adsystem.com
c.usefulcontentsites.com
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cdnjs.cloudflare.com
cm.mgid.com
config.aps.amazon-adsystem.com
crcdn01.adnxs-simple.com
csm.eu.criteo.net
dsp.vlitag.com
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.clean.gg
i.ibb.co
ibb.co
id5-sync.com
imageproxy.eu.criteo.net
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.vlitag.com
mug.criteo.com
odb.outbrain.com
pagead2.googlesyndication.com
px.pocpoc.io
px.vliplatform.com
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
rtb.fr3.eu.criteo.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
static.criteo.net
static.vliplatform.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
edb83bedaa076095b8eab5748de0ea5d.safeframe.googlesyndication.com
108.138.1.25
13.32.119.77
146.75.122.132
151.101.1.108
151.101.129.108
151.101.193.108
162.19.138.83
162.19.58.161
178.250.1.6
185.89.211.116
2.18.161.178
213.174.132.224
23.213.164.226
23.213.165.149
2600:9000:223c:d600:1e:a43d:b640:93a1
2606:4700:10::6816:3456
2606:4700:10::ac43:15e3
2606:4700:1::6813:824c
2606:4700:20::681a:fa7
2606:4700:20::ac43:4b40
2606:4700:3032::ac43:83fb
2606:4700:3037::ac43:9e3b
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:23::a
2a00:1450:4001:802::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a06:98c1:3121::3
34.95.69.49
64.202.112.63
99.86.4.39
00cc865426fbbbe4e1477c5e10d397bfc3976e25c7cb124205efd2c7714e1371
03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c
04f06597f680af8ab62eaa9a54ee375a3f0903dd5c503cf09665de017a9557f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1b02a79decc77ee5b0aede97402dc9bfa3a4bce46cd32dbde6d6aa45d1ab0329
1c358b3bc1cf4b2f5acd9c5ba98d4e739fa948947aab947b78646e4e52bf5cc7
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
21c6f6310feda6c7cf2ab4910f183d8a2f3caea96fb451b49b808861c7aacbe2
2366967b326414a468b336c8b7b825c452d90eaec26f00f0be91beb3df37fe38
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a93f6ec50f2339370473b311087b1604da751cc0b7a50cadfd8b10a33621b8
37dcb8c682f0358571281c93cfba19ce15ea74be9ec03195b8961fd9a36b0bc0
384092f3b0f214fed0106e9987355e77ad0735bab4acc2bb2c51c53e02d4e321
3e16cdac1cdf4a9d63931608523db9e082dde4a43e7d31ab0a51811f3be5b9de
44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d1d9bc406ab51736aea1d430f5ee11e6ca50d5ccd22d5cf172b12d0c54a7631
4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5325fc593675de36dd31af4d7a8211a9d129f9c4496df70942a5b59b6b4a34c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643549c253a9b3cbecea6ab4de324e58234fc9400643902455b3afdcce246ad5
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
81871e1c8b0148c1e88d8fb7ce6bccd0747cf99ab319a54fff22f51485d95e6b
8272f3273f1554eff059ac2ceeaefeff4528117d33805bf54cb9da658909e24c
838937322ebd1e116aa6b9a5cc102e610660a768c6a25f5cb63e9f635948aba2
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
8de0e308adeaa8bb6d2b568dff10553a2de5568b8333845060fdd68b9e78fef0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
98e86d389af2386a03755278ca8157ae089707b4d3005771b581166b4ae803aa
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1a4aa5768b7d11ce36c2972af75f7f5a9e7c66a475f5e381fee3ae7cf0f7773
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
a90e19c288d073d452ce09027e7fbda248cff44b39e76c7cbe721eea53f424ca
a9590a47c67d39dd16c7602ac0567db7d52913f28995584756a10ffadb7df15b
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1cc4a9d7e24348ad5d5cc461f8015fb07cfc3e0fc6f6663968b20920088cbd
aab6a01bb3c0cbfb0fa3fe2b051792d74c30a5d827be8525c354fb9d4fc3475b
abd4d5e67d3fd018cb9066a189d42dd2b3143f7bc127e2bf49d97ed51605121a
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c6f35370a51c2ab4fce5f08aca9b480ec8d2a4018d09ef9db3aba883a7596fac
cc3b04e00cede182123138355e4659b44ea24ad4a89243615203533591cedc61
cc76ae3d24eb98b0860610051f666c8ff915d4be46cdb1a5f88272c8bf101dc7
cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
d66aaa550dea67f3fdfe5f413e7b387a26c919b2000108c7b29b720313e7080f
dd62bcd59a370c259487dccdc612e77b3452e57f97d33fbcc08e900a3eef3b44
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e25e782696ec95f3f2aa45db9c0e1af92affad513980ae4227b4fb8f4b48c744
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e4640b07040b111882c0754a7b1c6dfaeb08e17c6b7348c215c2d58ab72329
ebbb1addf06909f4e2829b46b5eaf9ecf3935ab1367e57ff03cf59d7f563cdda
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6df3167422208b5555fc2922abaf1baddf84e465bcd45c19c79bdc591e2a487
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

ibb.co Open in urlscan Pro 213.174.132.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

98 %HTTPS

62 %IPv6

26 Domains

52 Subdomains

45 IPs

3 Countries

2657 kBTransfer

5925 kBSize

10 Cookies

10 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

52
Subdomains

45
IPs

3
Countries

2657 kB
Transfer

5925 kB
Size

10
Cookies

134 HTTP transactions
1 data transactions