ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/HzblRj9eRJ Page URL
2. https://ibb.co/XpNHLfM Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-a5mlrnek&ms=au%2Crdu&mv=m&mvi=1&pl=19&initcwndbps=366250&spc=UWF9f_c0GHhL4qrjfNXVrCkJ3e_1dmniFeoRXf3RhQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EAYK6z4TqoMigzyfx6F19W4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1699316217&fvip=4&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=Vm3PtDAAe-D_uz&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgdg0CJmVNYwX_Is4p2rDzxHCnade7fhrImfZhEqcanLcCIQDfoaPqRxvfOf-zIWMObl8si_wIstQ5GmLETUq-gx2qSg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgIbLX_X_PXMlpIMBb8jKSEzUzAgXm8IKQVQ0mZzWGWSoCIQCph118hJcQ2vqq94soe9AlHnmyITzRMquM0mLcenHTXA%3D%3D HTTP 302
• https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requiressl=yes&spc=UWF9f_c0GHhL4qrjfNXVrCkJ3e_1dmniFeoRXf3RhQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EAYK6z4TqoMigzyfx6F19W4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=Vm3PtDAAe-D_uz&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgdg0CJmVNYwX_Is4p2rDzxHCnade7fhrImfZhEqcanLcCIQDfoaPqRxvfOf-zIWMObl8si_wIstQ5GmLETUq-gx2qSg%3D%3D&cms_redirect=yes&mh=d6&mip=2a00:c98:2050:a007:2::14&mm=31&mn=sn-5go7ynld&ms=au&mt=1699316699&mv=m&mvi=4&pl=60&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhALXqnpZVcTWfx-7w-wPtRxfYwML2PS_vgoDh6MxNdDNwAiAXJwTkBQHVO561rBAvgE03BpOQYOE7xfDgw5Wso4Vxkw%3D%3D

Request Chain 61

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=aulTK3w0VmM2dDZLVHBWajZtRTA0MVYzYU42bGhOaGtFTjdFNm5selZ5K2tYMGp0ZjhHbWlCUDIvODhGMEE0TzBCWWJGMnQrRmZiQ3g4SjR2LzNlVkc1REcrSjZkYmcvdmNzcjZEb3FQekdZTzAva2FwcExiQTJvbityN1lLVGhVei9JQWRucXhPQ2VqbnRwL1JsSjNIajhlQzlrYnFjMkRaeTRmWjFPeHpQKzNGUHhnWkhLeFFxVmRNVjZsMVcrdnE2ZGN4OE1QSG5Sbi9wVTBOK1RZekk5cGptN0tpTGVhbVZ6a2h5U0Yva241V0ZYd09QVkt4VE5pY0NpSU5LOUxlNWtCZnBVQnZxdG5TaG5zOFk5L0RLYklhZz09fA&cppv=2

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1

Request Chain 96

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUmFGrKxm2PLoIRFMMkUlwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1

Request Chain 97

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEKK0oNGCR0LtdW_gD5dNbs8&google_cver=1

Request Chain 98

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzMzc0NzgzOTc1NjgxMzA0Ng%3D%3D

Request Chain 104

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

• https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 111

• https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 112

• https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549851b22d4c960ab320087&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 114

• https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url=

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	HzblRj9eRJ t.co/	221 B 544 B	161ms 125ms	Document text/html	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private,max-age=300 content-encoding gzip content-length 174 content-type text/html; charset=utf-8 date Tue, 07 Nov 2023 00:30:15 GMT expires Tue, 07 Nov 2023 00:35:16 GMT perf 7626143928 server tsa_o strict-transport-security max-age=0 vary Origin x-connection-hash 26e84397c4b9446dfafdf71b65e0cfe7c043832a1abac1315f31a02b46e96680 x-response-time 112 x-transaction-id 30750a1b1a3d169e x-xss-protection 0
GET H2	200	Primary Request XpNHLfM Show response ibb.co/	20 KB 6 KB	490ms 296ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/XpNHLfM Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash 80b68151236cc34c26ae79f1096c89fbb04645abc819abb7ffff3aaef3ff1716 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Referer https://t.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 00:30:16 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	58ms 22ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 00:30:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 Nov 2023 23:20:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 00:30:17 GMT
GET H2	200	ibb.css simgbb.com/2801/	115 KB 26 KB	45ms 17ms	Stylesheet text/css	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.css Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6555 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2qzgoUkfX9B8tpFi8JzaldPTVDjyB2brHzR03VU2BsxoqFclQN3jESZ5LwJc6qmj07dP2ri0gn9Iccv91sNdVAv3V1noV0BAFkaBTV8gBOO0I4ZncH1buw4lkRuQLCEHtWWLYorYKXQ"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 8221777d8aeb9030-FRA alt-svc h3=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	47ms 18ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 07 Nov 2023 00:30:17 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id EVDQ8VQH6QHZ3VN7 age 511 x-cached-since 2022-07-14T11:15:35+00:00 alt-svc h3=":443"; ma=86400 x-amz-id-2 dNW3R+OlpbvdnqfMwOXcQgixMWv/1RgSl2QuODF8+odJfd7UGmjpdKnp7ubguAQryI4jSitj1bY= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvJOrWlYzB6165DdOoCvz%2BekWCW8f8zQVjjpUX8Qz26a%2FchWtT74E6Ym3q%2BrGpBiKZnCA8EE%2FE6wnB0h%2FgxkW1ko674oFeoNnAVmyP7FTkX3dVjTGp3cZBzfY6UrnEGPN9I2R70UeK6vo7TCn7ttd5ncVT6f4n%2ByOw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache STALE cf-ray 8221777dec469b3a-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	574 KB 147 KB	194ms 161ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a90e19c288d073d452ce09027e7fbda248cff44b39e76c7cbe721eea53f424ca Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare cf-polished origSize=587430 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-11-03T04:18:57 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8221777dfb9d2bf3-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	13ms 12ms	Image image/png	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6495 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bh6mIneWv5uH74OdOkSGSeoL85JA90bylx9oi3rF1IVUk0VBPHsy2%2B4CL0RtVZZZGjWkLSFkALexOX%2FCqgwplpuEUeuzQ2iPfdTt8n6oRgOQ2Fh1Fu%2FC24GRTF2Joizjk%2BEoaQcK97iu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8221777dcb049030-FRA alt-svc h3=":443"; ma=86400 content-length 938
GET H2	200	uniswphack.png i.ibb.co/5vtZ4Xw/	93 KB 94 KB	80ms 22ms	Image image/png	162.19.58.158 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/5vtZ4Xw/uniswphack.png Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.158 , France, ASN16276 (OVH, FR), Reverse DNS ns3096590.ip-162-19-58.eu Software nginx / Resource Hash 5c43420bf3d7520dcd1ed8da53952b1343bf053935c45ed8a1d904d7ec1e02c9 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT last-modified Mon, 06 Nov 2023 21:59:21 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 95639 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery2.js Show response simgbb.com/2801/	114 KB 41 KB	17ms 16ms	Script application/javascript	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6163 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biJcnAOTuEQH1RECuLRB80xtl0MWG5uF5tKOC9hTEihPTRz6L4WNVj18BSeAVeBURimv7rL22qgRQjZMn1vZbkVR9vdBLYH0QWJwlpQ9WXbHvIGuwSeT0ZLX4duxSLys1QKwb3ofI%2Boa"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 8221777dcb059030-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/2801/	215 KB 62 KB	20ms 19ms	Script application/javascript	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.js Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Aug 2023 17:15:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6495 etag W/"64c93db0-35a95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7WA8ByudHEuFkiKybN2wjtSNAna049mAtqKKs2QAUkZAqc1dp%2FWwJ8df0V00bLC0ClYb9vSHu4s87Iko5Gu5UnnsZ4tmnuMOvQ6NBGxFNjgnDKucxyRlGGiZunvhb0%2BiYQg0Tvy%2BU3F"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 8221777dcb079030-FRA alt-svc h3=":443"; ma=86400
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	38ms 17ms	Font font/woff2	2606:4700:3037::6815:468 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/2801/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:468 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/2801/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6002 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPUz4lBAAmLJpI%2F1wIPMI8Gqj%2BXkZBCsMgZ1VDY57wrj91LBQcXoqN9H%2Fd%2F%2FXf6vAYMZ2wtl3GUL7zSoyTTx%2Bpvk5EVvarT8z2KMDYTgsCDu5gh8fypm%2FZWN9anRJGAHEY3Zvu8j%2FYVU"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 8221777de98e9a11-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	53ms 14ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 18:16:19 GMT x-content-type-options nosniff age 368038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 18:16:19 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 412 B	65ms 27ms	Script application/javascript	2606:4700:1::6813:844c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 8221777e7a5f1c83-AMS alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 344 B	160ms 142ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a9de07a4c83c63ef5505828083a361e05f0b1d109eefec490382bbe0d004551 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8221777f48398fe3-FRA content-length 42 alt-svc h3=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 461 B	261ms 251ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid b4ad0246-463d-4509-b02c-8e599499dcf8 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjY85fjUYWJ2E0i09xKQgf5gtp99oKv3HPFd1yxRAmMDMyqDyS70wowykFdOkMRtQS8Y%2Bd55eIksp7bdDs9h6FoytywWBnwyBtrR8IbJ%2Fbl9%2F0PmtqFlG3Y9snytC%2BqvE6wC5BSVJvD2EeCrrhWTHOJy3EZerVw%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 8221777fbd339b3a-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H3	200	vl.json Show response services.vlitag.com/vld/1699246986/	13 B 270 B	18ms 17ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1699246986/vl.json?page_url=https%3A%2F%2Fibb.co%2FXpNHLfM Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT last-modified Mon, 06 Nov 2023 22:34:26 GMT server cloudflare age 6951 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 822177802b649b95-FRA content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1699246986/	44 KB 5 KB	16ms 16ms	XHR application/json	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1699246986/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d8a5b0e52187aca719499e699cd013ddd4661d691c1820483dd543d5cb6ca2f Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT last-modified Mon, 06 Nov 2023 05:03:27 GMT server cloudflare age 69855 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 822177802b659b95-FRA alt-svc h3=":443"; ma=86400
GET H2	200	prebid-8.21.0.js Show response assets.vlitag.com/prebid/default/	615 KB 187 KB	37ms 28ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-8.21.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Fri, 03 Nov 2023 08:25:02 GMT server cloudflare age 317095 cf-polished origSize=630565 etag W/"6544ae5e-99f25" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 822177806e572bf3-FRA alt-svc h3=":443"; ma=86400 expires Fri, 03 Nov 2023 08:55:08 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 31 KB	88ms 47ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 65c0147effcb3743af69d8e6aad235098682409304dfd7817bfed806aeb5d4e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31155 x-xss-protection 0 server cafe etag 457 / 19668 / m202310310101 / config-hash: 14006379532634456263 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 07 Nov 2023 00:30:17 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	364 KB 126 KB	74ms 23ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea01cc5a36881eef76d3cedd65fcc872e566a6758917a0a31763202d6c6684b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128004 x-xss-protection 0 expires Tue, 07 Nov 2023 00:30:17 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	25ms 17ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT content-encoding br cf-cache-status HIT last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare age 2642432 etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 822177806e592bf3-FRA alt-svc h3=":443"; ma=86400 expires Sat, 07 Oct 2023 10:59:23 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	265 KB 65 KB	39ms 12ms	Script application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:23:23 GMT content-encoding gzip via 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) last-modified Wed, 01 Nov 2023 21:46:15 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA2-C1 age 415 x-amz-server-side-encryption AES256 etag W/"952090f32d44601808d121a61e707826" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id 5dMy3Ws7svj8RhMG53iGqObIDKAFF5skYJatONVHvCKRumJcP2At1A==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	26ms 9ms	XHR application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) date Mon, 06 Nov 2023 03:40:28 GMT x-amz-cf-pop FRA2-C1 age 74990 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 0tt33A3rZJFqa_uZaLYl9J2w3r4Hsh2fSYxgolTAHwFqvxCBCCvlbg==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/	425 KB 133 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:20 GMT content-encoding br x-content-type-options nosniff age 8877 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136288 x-xss-protection 0 server cafe etag 17302374607849014435 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Tue, 05 Nov 2024 22:02:20 GMT
GET H2	200	9cf0c4f1-7630-476b-9141-f4472e005192 Show response config.aps.amazon-adsystem.com/configs/	537 B 802 B	32ms 7ms	Script application/javascript	99.86.4.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-128.fra6.r.cloudfront.net Software CloudFront / Resource Hash 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 23:32:34 GMT via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 3463 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id 12i13UBYjFdbqNrPylJFx8LUPdfPmF1MdM0e3mke6OiCp8jpgGQVrQ==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 303 B	9ms 8ms	XHR text/plain	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 21:34:05 GMT via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA2-C1 age 10571 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id dFrpXe4bUkdxsRUa2kI7nASSoDg4GoJSKAcj-Zq-GlXDuln1JJZEwA==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	32ms 13ms	Fetch application/json	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231107 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bee226f60cc50dcf362ba1007c883b2c594dd0b852072c7dd8a26c238d343c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 content-type text/plain Response headers date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 30569 x-jsd-version 1.0.1865 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230067-FRA x-jsd-version-type version server cloudflare etag W/"63f-YvZJs++Y7HOt/pZMVOBCGDIDjo0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2B5Ru%2FhCtysuQ5bDSNqK9Ut3T1Ea7wl5hZOAx%2Bous%2BuuZuVTypl03U4zr%2B56IfcRfXo3FhVhamznbCJhnNG98W5Av29KZqQ15HsfwEAltRfVk4Yo1NMbYhdXjZ90SCnN15APl8vUd%2FNpE17GWM%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 822177817adb9b64-FRA
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 454 B	75ms 48ms	XHR text/javascript	18.66.96.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FXpNHLfM&pr=https%3A%2F%2Ft.co%2F&pid=5nBkN4066Og1F&cb=0&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.96.174 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-96-174.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P2 x-amz-rid 0KPX40TFCKTBYCQ0E36D vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id tur3GJjw2jxSYTcX7u58aObpVCWlvPzfSD0oaiV8cms3S20dMdnjoA==
GET H2	200	tf-v1.jpeg px.vliplatform.com/	0 270 B	166ms 134ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMArytMTq-APtU-PZyP-MMMT-aqqKYyaaUrrKRzyzNhqut_cotvRws0NA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbMryNr%2FIZa6FMOoYDoHNI8MBoa7pwGRKC3sh3FKVxSuNDA2sYJmRXKL%2BuHbhu9M%2FEyjdLROCazTRP8iTq10ZzoozHDD1UgOUzkE0Lvrz4wM4h9E1ybqsj2oJnaGHrgAiT7YpduvJrpIRq8TRXYx7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b95c3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 529 B	164ms 132ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZBTaaaAe-eaUw-PAKa-MMtK-UAaAaaBtyBTBRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AzLMrmZAAMvkKsw0y0SICaxrQ7kC%2BC8SOgs8%2FoRNz78Nq%2FMw1eHDkCrT1cn1rggxmifMHndw91tK1USGM7w%2BixG7SNMrS6d%2FJSJIvQY%2FdXUzlTiY2ekqVpmukSvmmHx5pJxw1VNOD6uyr6nUDrHQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b95a3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 272 B	164ms 132ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYBBBreeB-UeZM-PqYM-wMqt-ewyMqUMTrwKyRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQ7LD%2FD35RrKRGMkxJFnrYcrssT40hBh33oa%2FD3qIEFMiM7zyqbz9xO76w2B0tVQ4LgOiccfQi5njkrMyx1sX6WM%2BYm6KFUH3yz1ONZDxjEKdMjVwa2aYCD3Ji%2FAWR7GKkmIWVd0Xc4pIGa%2FfchXIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b95b3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	57ms 49ms	XHR text/javascript	18.66.96.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FXpNHLfM&pr=https%3A%2F%2Ft.co%2F&pid=5nBkN4066Og1F&cb=1&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.96.174 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-96-174.fra56.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P2 x-amz-rid JAW7KWJ1RB9XBKF8C8V7 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id WGQ8himqvpRmmZWPPsiqREgCr_p_SqBSyvqmhOe6Vje-axwGhDVT6g==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 275 B	152ms 139ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyqUUUeTw-eYYw-PMaB-wBKY-qAryaAKBeYwKRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGTYEOEqV1hDmvzAzpr00%2FpWnC0II2ymDjGskwgF4DSv%2FppdCz%2F1B3dOGntq%2BSqA6R6b6lzIClwsxoLSU02QthimY%2BkLqDgZwYdiRigQfBXNnEa8i4UAPIFKjMY%2FPXJRy4avHPRDKqpPQCPVl25ymA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b9603834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	uniswphack.png i.ibb.co/5vtZ4Xw/	93 KB 94 KB	21ms 20ms	Image image/png	162.19.58.158 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/5vtZ4Xw/uniswphack.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.158 , France, ASN16276 (OVH, FR), Reverse DNS ns3096590.ip-162-19-58.eu Software nginx / Resource Hash 5c43420bf3d7520dcd1ed8da53952b1343bf053935c45ed8a1d904d7ec1e02c9 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT last-modified Mon, 06 Nov 2023 21:59:21 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 95639 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	47ms 45ms	XHR text/javascript	18.66.96.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FXpNHLfM&pr=https%3A%2F%2Ft.co%2F&pid=5nBkN4066Og1F&cb=2&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.96.174 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-96-174.fra56.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P2 x-amz-rid CRNCTG19BQ7BJHM8HXNS vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id U1Er8nLI4UyJnQYIqJH-cHwUt0JBGtndDD79Y6qaho_ik-ZHnqfA7g==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 267 B	140ms 135ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeYyaMTtr-TeeP-PeAa-aaTw-MryweTBMaPeBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoXRpWX1LyB7ZMD0fzcFAs3C7BOki90vd2wrdsCJmaaOO1LjfRHiABB14wjb16H4kw0BQnrmTFJyoqMMXEFcRVUtK0Mp0VDKz17qqG9qwITgdytYJaM5AVd%2FY9AASJ4oeA4Dpn%2Fvvp8rDEHtLsz4gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b95f3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 269 B	139ms 135ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBTUyKZBK-BBZt-PYBr-qYTt-AryrrAZwMaUYRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FSgzqhx1f1mS9cfiLIPsipRjDpO2aia8VDZsww7ru%2Booe5P6RTBck1QVrCQ1WD5HyNjcvpt4hqXOq9Vlafa%2FuFszqWjGjUda5j9B1cquGkG77lclQz8x5iTdJJ8%2FYgoXTbSMb1cp2x2a7gtGj9n1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217781b95e3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 456 B	45ms 45ms	XHR text/javascript	18.66.96.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FXpNHLfM&pr=https%3A%2F%2Ft.co%2F&pid=5nBkN4066Og1F&cb=3&ws=1600x1200&v=23.1027.1921&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.96.174 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-96-174.fra56.r.cloudfront.net Software Server / Resource Hash 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P2 x-amz-rid E4C4Q79KRWNDDQJ91EEX vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 9xXyuUmkAKaMBTIi7mJgHOrM4-FsuoRkG0_QMgyrPvpxCzvHtDzHAQ==
GET H2	200	1679645040.png assets.vlitag.com/widget/2023/03/24/	98 KB 99 KB	18ms 15ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2023/03/24/1679645040.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 597391 cf-polished origFmt=png, origSize=323185 content-disposition inline; filename="1679645040.webp" alt-svc h3=":443"; ma=86400 content-length 100856 cf-bgj imgq:85,h2pri last-modified Fri, 24 Mar 2023 08:04:00 GMT server cloudflare etag "641d5970-4ee71" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8221778218842bf3-FRA expires Tue, 24 Oct 2023 16:22:00 GMT
GET H2	200	1648753545.jpg assets.vlitag.com/widget/2022/03/31/	97 KB 97 KB	25ms 23ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 408105 cf-polished qual=85, origFmt=jpeg, origSize=133932 content-disposition inline; filename="1648753545.webp" alt-svc h3=":443"; ma=86400 content-length 99048 cf-bgj imgq:85,h2pri last-modified Thu, 31 Mar 2022 19:05:45 GMT server cloudflare etag "6245fb89-20b2c" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8221778218852bf3-FRA expires Wed, 04 Oct 2023 08:20:21 GMT
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	170 KB 171 KB	24ms 22ms	Image image/jpeg	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 417136 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 174276 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 8221778218892bf3-FRA expires Wed, 01 Nov 2023 15:47:05 GMT
GET H2	200	1592801729.jpg assets.vlitag.com/widget/2020/06/22/	74 KB 74 KB	18ms 17ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 2642431 cf-polished qual=85, origFmt=jpeg, origSize=103053 content-disposition inline; filename="1592801729.webp" alt-svc h3=":443"; ma=86400 content-length 75514 cf-bgj imgq:85,h2pri last-modified Mon, 22 Jun 2020 04:55:29 GMT server cloudflare etag "5ef039c1-1928d" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 82217782188a2bf3-FRA expires Thu, 05 Oct 2023 05:40:00 GMT
GET H2	200	1572962870.jpg assets.vlitag.com/widget/2019/11/05/	107 KB 107 KB	26ms 25ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 2642431 cf-polished qual=85, origFmt=jpeg, origSize=151033 content-disposition inline; filename="1572962870.webp" alt-svc h3=":443"; ma=86400 content-length 109336 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:50 GMT server cloudflare etag "5dc18236-24df9" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 82217782288b2bf3-FRA expires Thu, 05 Oct 2023 12:36:18 GMT
GET H2	200	1596163502.jpg assets.vlitag.com/widget/2020/07/30/	104 KB 105 KB	21ms 20ms	Image image/webp	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:17 GMT cf-cache-status HIT age 503332 cf-polished qual=85, origFmt=jpeg, origSize=140376 content-disposition inline; filename="1596163502.webp" alt-svc h3=":443"; ma=86400 content-length 106784 cf-bgj imgq:85,h2pri last-modified Fri, 31 Jul 2020 02:45:02 GMT server cloudflare etag "5f2385ae-22458" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 82217782288d2bf3-FRA expires Tue, 24 Oct 2023 19:35:41 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 275 B	137ms 137ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaeAZMZAU-yAAt-PwZU-wate-ePtTKUrYtMUtRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bno3KoFXZQ93u0wk8lqC22%2FIYVJGnRICOvQFsWBiH0JiZIqgsUY%2F4YC%2FKH3FAH4m5t2CCIZjWdrCyXU8C%2Fv%2BrBfgPb8nEgQ0x4hltsDF%2FIRWzQqqXmHVoMAELnuqgpa26z2IzHabBIZBxRhaw3K5SQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217782199a3834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H3	206	videoplayback r4---sn-5go7ynld.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y https://redirector.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requiressl=... https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requi...	279 KB 0	111ms 39ms	Media video/mp4	2a00:1450:400f:3::9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requiressl=yes&spc=UWF9f_c0GHhL4qrjfNXVrCkJ3e_1dmniFeoRXf3RhQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EAYK6z4TqoMigzyfx6F19W4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=Vm3PtDAAe-D_uz&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgdg0CJmVNYwX_Is4p2rDzxHCnade7fhrImfZhEqcanLcCIQDfoaPqRxvfOf-zIWMObl8si_wIstQ5GmLETUq-gx2qSg%3D%3D&cms_redirect=yes&mh=d6&mip=2a00:c98:2050:a007:2::14&mm=31&mn=sn-5go7ynld&ms=au&mt=1699316699&mv=m&mvi=4&pl=60&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhALXqnpZVcTWfx-7w-wPtRxfYwML2PS_vgoDh6MxNdDNwAiAXJwTkBQHVO561rBAvgE03BpOQYOE7xfDgw5Wso4Vxkw%3D%3D Protocol H3 Server 2a00:1450:400f:3::9 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers client-protocol quic date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff last-modified Sat, 03 Jun 2023 08:32:55 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-14185952/14185953 cache-control private, max-age=20942 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 14185953 expires Tue, 07 Nov 2023 00:30:18 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1699338260&ei=tINJZbnaDMqQsfIPi-Cy8Ag&ip=184.164.141.146&id=o-AGzMjlyPtl3sh-T5Zsj2PREhpJW9sZOdn1PuDiI6GuXe&itag=18&source=youtube&requiressl=yes&spc=UWF9f_c0GHhL4qrjfNXVrCkJ3e_1dmniFeoRXf3RhQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EAYK6z4TqoMigzyfx6F19W4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&beids=24350018&c=WEB&txp=6219224&n=Vm3PtDAAe-D_uz&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgdg0CJmVNYwX_Is4p2rDzxHCnade7fhrImfZhEqcanLcCIQDfoaPqRxvfOf-zIWMObl8si_wIstQ5GmLETUq-gx2qSg%3D%3D&cms_redirect=yes&mh=d6&mip=2a00:c98:2050:a007:2::14&mm=31&mn=sn-5go7ynld&ms=au&mt=1699316699&mv=m&mvi=4&pl=60&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhALXqnpZVcTWfx-7w-wPtRxfYwML2PS_vgoDh6MxNdDNwAiAXJwTkBQHVO561rBAvgE03BpOQYOE7xfDgw5Wso4Vxkw%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adtag.js Show response dsp.vlitag.com/js/v1/ Frame E2A7	102 KB 26 KB	35ms 21ms	Script application/javascript	2606:4700:10::ac43:15e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dsp.vlitag.com/js/v1/adtag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 138 cf-polished origSize=104022 etag W/"2023-10-17T03:40:56" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=300, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8221778298d12bf3-FRA alt-svc h3=":443"; ma=86400
GET H3	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	36ms 18ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 30103 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230066-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BUlBthub8WrxctnypKWRbC3bgkhpz9EL%2FV8sjLTeuOQDjhvQQBIcm2gkfeoIK%2FxhhD55uj0lCk%2BhndsLg9BI3ierQRo1Gp7ae8tRTUlwDSzKSREzgdMr4hxUD95LGjPJ60UcI3F2blvm9F%2B3VQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 822177830bda18da-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	143 KB 31 KB	60ms 20ms	Script text/javascript	2606:4700:10::ac43:266a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Mon, 06 Nov 2023 12:11:14 GMT server cloudflare x-amz-request-id TJ45015RSNCT8XS4 age 1902 etag W/"a8dc95d1ffeb5ca5c8e29b69dd9f17dd" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 82217783386f1cc1-FRA x-amz-id-2 8HKwwTxg/1F/JqCMTJh235YbAZfTGe5hwz1+duGPU70eCTGM5n7FfxPUplcEAu9e9bMexhzUzPi7v6Vh/LWhmg==
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	63ms 19ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-a9a7" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 08 Nov 2023 00:30:18 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	181 KB 51 KB	374ms 367ms	Fetch text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530399455745623&correlator=2909239870742207&eid=31079470%2C44807747%2C31079468&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&fsapi=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699317018054&lmt=1699317018&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fibb.co%2FXpNHLfM&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1754093970.1699317018&ga_sid=1699317018&ga_hid=1429802189&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYwdu_uboxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMLbv7m6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywtu_uboxSABSAghk&dlt=1699317017173&idt=837&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9f99b23708e8387cc15dec04ff07dbb1e5e23a3d3ffe3f22ba5add193a040e50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52075 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 271 B	140ms 133ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqwtZZTZq-aKwT-PZwy-wPqZ-tKMeeawAMtwKRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOica8adDnI2HLvHcPmYMOTA5YHf%2FPKyNVaeaz3LK64ELCkGZ%2FrHx90HTyvd6MQpie5ar5NsB8saP2PrfukJHCRA%2BZI1Y9OLinbiCxPNPfQXNzU%2BYH2zuOez0kYTbFIaxMsqyUBoX63zLeFlY9TT0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217782fa193834-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	74ms 29ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f01f56daf9adc23005f3b39cdf46b2e2997acce4714ea5f728a38d5262b8e13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12294 x-xss-protection 0
GET H2	200	container.html Show response 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D40	6 KB 3 KB	111ms 22ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Wed, 06 Nov 2024 00:30:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/	39 KB 13 KB	30ms 27ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 15:07:59 GMT content-encoding br x-content-type-options nosniff age 33739 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13740 x-xss-protection 0 server cafe etag 11733316767131186006 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Tue, 05 Nov 2024 15:07:59 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	24 KB 11 KB	266ms 266ms	Fetch text/plain	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=530399455745623&correlator=3564962802185248&eid=31079470%2C44807747%2C31079468&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699317018110&lmt=1699317018&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fibb.co%2FXpNHLfM&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1754093970.1699317018&ga_sid=1699317018&ga_hid=1429802189&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYwdu_uboxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMLbv7m6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywtu_uboxSABSAghk&dlt=1699317017173&idt=837&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 61c1c3a8d0f93e8dcc2b73ef4d0e6e0a565898fe7d15c1ac3208dfe2d64fa1d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11128 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	cc.jpeg px.vliplatform.com/bi-v4/	0 533 B	134ms 134ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYPZeTrya-wAeT-Perq-qMet-YAMTMUAPrYYaRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9GoEdA%2FvdP8cTuP0Wk1iw2x0lMfWQE%2FeeRkmdsKcW4%2FJkPofwzsRbqGV38E5VFlQ1cQVYnkyk3bmh4LeRSjI6b9qRLQZj97Jsi2keM49OsPuwoAZQeJRbhzIzdWHZEYjcv0xBQhdpMF6B8WyHQqQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 82217783380c1c38-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bidding Show response adsystem.pocpoc.io/adv/v1/ Frame E2A7	2 B 587 B	169ms 136ms	XHR application/json	2606:4700:20::681a:fa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2 pragma no-cache server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9JXDCasWp9koKiyL7vjg03M2SsQfqbp6MGN82cFAKlb3Zlqg2PlRXH5NN3DO9ZrolFOxoYcg9FvW3wpS5xn33d%2BXgjtCErocWaCBRK47TZcy68dHOFcGMguBnOdpqokn5021BYTy%2FZBz13DaDry%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 822177839be8907c-FRA expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tfa.jpeg px.pocpoc.io/v1/ Frame E2A7	0 524 B	173ms 137ms	Image image/jpeg	2606:4700:20::681a:fa7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNPAPMMqqA-ZwwU-PZwU-wyUq-MyZMeBeZrYrMRrdNowwGegRzorNcsoT-aPZBYRleNpl Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMZT2iITnTkLppRxFGxb4NjR2GKSalxEOijZqU%2B2jhZbREz%2FUDOTyNTSzDyhgWUOy7ocUW0eDpb44W8Xv9PN7rM0E%2FICP8%2FbXwCNABDDE0ACwXfNfAox8qp%2Bqm%2B9bcAVv9UQzLshMMtw3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, immutable, max-age=864000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 822177839d9b39c7-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	syncframe Show response gum.criteo.com/ Frame AD54	15 KB 6 KB	45ms 15ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:17 GMT server Kestrel server-processing-duration-in-ticks 345256 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	77ms 25ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 07 Nov 2023 00:30:18 GMT
GET H2	204	increment Show response id5-sync.com/api/esp/	0 222 B	72ms 21ms	XHR text/plain	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ibb.co date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	sid Show response mug.criteo.com/ Frame AD54 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=aulTK3w0VmM2dDZLVHBWajZtRTA0MVYzYU42bGhOaGtFTjdFNm5selZ5K2tYMGp0ZjhHbWlCUDIvODhGMEE0TzBCWWJGMnQrRmZiQ3g4SjR2LzNlVkc1REcrSjZkYmcvdmNzcjZEb3FQekdZTzAva2FwcExiQTJvbityN1...	428 B 668 B	18ms 15ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=aulTK3w0VmM2dDZLVHBWajZtRTA0MVYzYU42bGhOaGtFTjdFNm5selZ5K2tYMGp0ZjhHbWlCUDIvODhGMEE0TzBCWWJGMnQrRmZiQ3g4SjR2LzNlVkc1REcrSjZkYmcvdmNzcjZEb3FQekdZTzAva2FwcExiQTJvbityN1lLVGhVei9JQWRucXhPQ2VqbnRwL1JsSjNIajhlQzlrYnFjMkRaeTRmWjFPeHpQKzNGUHhnWkhLeFFxVmRNVjZsMVcrdnE2ZGN4OE1QSG5Sbi9wVTBOK1RZekk5cGptN0tpTGVhbVZ6a2h5U0Yva241V0ZYd09QVkt4VE5pY0NpSU5LOUxlNWtCZnBVQnZxdG5TaG5zOFk5L0RLYklhZz09fA&cppv=2 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 3846543dca45a383d6210f6edb5e43ac53e3bf3e5faf56de8f7bfc86acd67f14 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1130220 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:17 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=aulTK3w0VmM2dDZLVHBWajZtRTA0MVYzYU42bGhOaGtFTjdFNm5selZ5K2tYMGp0ZjhHbWlCUDIvODhGMEE0TzBCWWJGMnQrRmZiQ3g4SjR2LzNlVkc1REcrSjZkYmcvdmNzcjZEb3FQekdZTzAva2FwcExiQTJvbityN1lLVGhVei9JQWRucXhPQ2VqbnRwL1JsSjNIajhlQzlrYnFjMkRaeTRmWjFPeHpQKzNGUHhnWkhLeFFxVmRNVjZsMVcrdnE2ZGN4OE1QSG5Sbi9wVTBOK1RZekk5cGptN0tpTGVhbVZ6a2h5U0Yva241V0ZYd09QVkt4VE5pY0NpSU5LOUxlNWtCZnBVQnZxdG5TaG5zOFk5L0RLYklhZz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 249458 content-length 0 expires 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 074C	13 KB 5 KB	16ms 13ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 8726 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 22:04:52 GMT expires Tue, 05 Nov 2024 22:04:52 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C9EA	829 B 1 KB	62ms 23ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6f48727c207afa5f83b71a5b84ff6bedbeb0ca4b7f05fd5493bb3deba4f09dd7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-NGIUyDghpQwnXfGLx_9urg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-NGIUyDghpQwnXfGLx_9urg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Tue, 07 Nov 2023 00:30:18 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	creative.min.js Show response static.vliplatform.com/plugins/pbnative/ Frame E2A7	36 KB 9 KB	24ms 15ms	Script application/javascript	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 29 Aug 2023 09:09:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 658593 etag W/"64edb5d6-8eb1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POT%2FFwB6dSzUsWXC9n2Mp0ovx9iGdCwhMe06LymlDD%2BSGWvn57RaRO5OhDbLqMFeycy7B566%2BbAzMxik%2B1HePv06UA%2F5DHWRJ3eh%2BBTDNg0WfCxrXS%2BC2ZUG1qfGl42YNVzTmBa%2F4VsYAqRkoqpoSNTcZUc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 822177848b113834-FRA alt-svc h3=":443"; ma=86400 expires Mon, 30 Oct 2023 10:03:45 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 074C	38 KB 15 KB	43ms 13ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 20:13:02 GMT content-encoding br x-content-type-options nosniff age 15436 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 20:13:02 GMT
GET H2	200	platforms Show response odb.outbrain.com/utils/ Frame E2A7	4 KB 3 KB	370ms 174ms	XHR application/json	146.75.118.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://odb.outbrain.com/utils/platforms?contentUrl=https://ibb.co/XpNHLfM&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532 Requested by Host: static.vliplatform.com URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3a149923b43238d06275998f818444288f585ba80a1d1ea3445546038fee6dd9 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-cache-hits 0, 0 date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br via 1.1 varnish, 1.1 varnish traffic-path NYDC1, LGA, FRA, Europe1 x-cache MISS, MISS x-traceid cf40acc7ed4638769029bb180b6bd788 content-length 2741 x-served-by cache-lga21922-LGA, cache-fra-eddf8230049-FRA x-timer S1699317019.538731,VS0,VE166 vary Accept-Encoding, User-Agent content-type application/json; charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true accept-ranges bytes expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	container.html Show response 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09F0	6 KB 3 KB	27ms 14ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Wed, 06 Nov 2024 00:30:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	cc.jpeg px.vliplatform.com/imp-v4/	0 499 B	133ms 133ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPAatBeKw-rPaT-PMMe-qewe-BPeZTKYwYerwRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIEDmfwg%2BAHJPqhtm69YbnPL1TITGCp2V%2B8gQMJtvonv4Z9ZfKtE03LnT%2BlNY5zdB1HqQ7%2FCpOutLaaaaKbL7PvPj82Ijsi2g1dZMgN16uIfvgcekr6AMUg87yuilViQqhrtXoge%2FDbwLpDJBaDSIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8221778529cc1c38-FRA content-length 0 alt-svc h3=":443"; ma=86400
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 074C	0 10 B	15ms 15ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?J-XCJA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	container.html Show response 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6851	6 KB 3 KB	24ms 15ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Wed, 06 Nov 2024 00:30:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EB7F	624 B 672 B	67ms 27ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfmMb34c_cnHYHdn6v9wM8Ne3lwLnsyc7k8ws1ZDEyBUyRDxNDosWjdSfSRlI3gg18jK6uDIJeDDg2Z87f3B9n66YCn2mxVfHH7dT1vkrtl50IvYWwK2BB421HqJtU9dFNmf70QXbVYmUS5DjNVS67xr1f39_iFT58du5Az5QJGbtubIc Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Tue, 07 Nov 2023 00:30:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 09F0	89 KB 31 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 07 Nov 2023 00:30:18 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 09F0	42 B 63 B	59ms 57ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA3ehCpcs6g_kA8H78Nd9-JemMaw098Etd-1PXCxZ8TkgGgmSdbccgzxfPtNWIs4Pg_-t-FX_1m4CjUffVjz9E4HFNrTpPuWoR9jnYuoCHJHXx1dY Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 09F0	0 20 B	58ms 56ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12595442522985720426&x=1&ct=77 Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 09F0	3 KB 1 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 8876 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 22:02:22 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 09F0	20 KB 8 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 38022 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:56:36 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 09F0	190 KB 60 KB	95ms 22ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 00:30:18 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 6851	4 KB 767 B	23ms 22ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 00:18:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 00:30:18 GMT
GET H2	200	css fonts.googleapis.com/ Frame 0CCA	14 KB 1 KB	24ms 24ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 00:14:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 00:30:18 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0CCA	2 KB 822 B	16ms 15ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:05:39 GMT content-encoding br x-content-type-options nosniff age 37479 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 14:05:39 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 0CCA	23 KB 9 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:53:59 GMT content-encoding br x-content-type-options nosniff age 38179 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:53:59 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 52E3	143 B 383 B	16ms 14ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 380 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:23:58 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0CCA	3 KB 1 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 8876 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 22:02:22 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0CCA	20 KB 8 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 38022 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:56:36 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0CCA	190 KB 60 KB	84ms 45ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 00:30:18 GMT
GET H2	200	ac1dbca482530a26bafc7a8c1241173a.js Show response www.gstatic.com/mysidia/ Frame 0CCA	36 KB 15 KB	68ms 26ms	Script text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:06 GMT content-encoding gzip x-content-type-options nosniff age 65052 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15099 x-xss-protection 0 last-modified Wed, 01 Nov 2023 17:23:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 04 Feb 2024 06:26:06 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 6851	16 KB 7 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:06:54 GMT content-encoding br x-content-type-options nosniff age 41004 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6758 x-xss-protection 0 server cafe etag 15318980762987274547 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:06:54 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6851	205 B 520 B	64ms 30ms	Image image/png	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 15:16:22 GMT x-content-type-options nosniff age 119636 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 04 Nov 2024 15:16:22 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6851	604 B 695 B	65ms 30ms	Image image/png	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 12:18:27 GMT x-content-type-options nosniff age 303111 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 02 Nov 2024 12:18:27 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 6851	21 KB 9 KB	17ms 14ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 18:59:05 GMT content-encoding br x-content-type-options nosniff age 19873 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8785 x-xss-protection 0 server cafe etag 17726888854999048520 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 18:59:05 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C9EA	0 0	50ms 47ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=530399455745623&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 09F0	0 20 B	47ms 47ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4304786260509&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 09F0	0 20 B	49ms 47ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4304786260509&version=m202309260101&ct=77&x=1&cor=12595442522985720000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 09F0	16 KB 12 KB	47ms 46ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtA7N7ZnBsjj8SwvTCpUnHuneZvx20vjXR37Xp57FHyKmul8e5xMkuH11Lu3H96C1beGXaU_XChEyfs3GuRFt11KNN161CMF32wmwFx052Xn8Pf7UCV8QqWTXFKHKvOg6Ew85fDMNbU04V8fAbyiuTH1kru063EZF-4bwlSnSWx2SlmyM&cry=1&dbm_d=AKAmf-BGHMvuDkoND5O7Phj2GF_yknfKWUva10KWzQFuFPFkPUjhKzQ2Ba62WSne1kCrkahzyGJonJHAK2kkHd_UO-3FEbAGCZTDRxgchkmNXHyJO9eRtQqQZm8Y7fh6lVP7dYooIZSCzflhRxnKZrx2X4JnmblxMu2Advv6_JmET-gYQL9TZYn7jNCMnQ3uGkyTWvUIrOXxjBfDfli35x4R6066wml-uzP_-tKtw8jEx-y5Dzx8ttorEflKLPI-HDOn7Kwy_lamwLajmhL2RHEZ4bo-2SZRTePAxLW7GqFA1aBFeMiZVTAerd-9dyVtXGKViKx4nXgNE3O6WO24LOULHRxYbqof0l7AzMcJg9227P7t9Si7-rKOI7wEJhH7ofa1wxA135ETy5c4p91pyHm7oqBdu7m4tHDVJVJ1InPYMsfBNsCHQH0_bm32w6UtcNI6ULPifHn8wp_0-nhT2Q_NPnbnmw1xBjCP1xxlU-9ZEUMRLdZijmLnUBNItrV-Pbx8ClI28cYqrsnX040HkT75EueqQDC9_aX3msHjHUoWhl1yMsHAaTGsq7dHtcVU6Zde0JhdJ098oxGeJby912dng6pSfp3ftF6JsnEMKz2hH_ucf8g_2fZ0t19BruB9VcWIKgArL_9JceltbEVbEdMqV89e1Rbzd7pArsI9ljCb8sghHJYmsbcF2oV2wgmMRbEHKBkFjD23uZMwv-QNf8k_rqi34KkjVkdc4lwLGAnSlna2RY5P7FcvdnJ4TGnMnMVmfDihwtTCHDmMhfNF-e3869epxaeE81eMW02pz8eX3y6wxovZ8UDN2booKbTPZnxVbet745l9NsuVpov3o1D6boeulSQ9Gi3fCxu7iFMETJoH80kDYIvvMJCrAIU4Q1uD9LsvB4E4KReGpJdrl1ZDtQ58ZbCldrRamG6KuQk3nwc94zNXCFVUUOvcTc_98ysnVoCrwPayPS5OnbVgWYs5w0abPLFUqpMdBfFy3JC80aYWW7HzkGczVrpEhxaXBB7gI5z5mrkz5wKf37O2Ry7inqSYLslQq-j8mqIS2lJL9Fc-_82KNjFtaF4BVxPLtmarfc_jvUVp3gcwd8jAzPqTtC2-XjtKtvuSAKrAkRSRFJdFdtMihkE7hv2wN5RScA766Cz7UCR464JVz4vD1w8A1Taj4VJGZrNdA9_krbmJTuylKH7esi4aX0tMKAnlk1Ghe8P1M_eUtIHQTz6yye0N1SudlemSBLOvhmFfXWUutfS2ydXrzZMmDPOpfzxP-hH1LQZU6PKfem1fjMgPUDxodcGLWl5GIRalQKEWI1gejpoiLt7EmWsYnZxD-caTKL9d0APtl47UnEHSkBvOJb5EBu8I4ty2MqD2QsCTMDB--eWb_AQpJ97vx8xYTENNoMFiJpcOYCu1e25z8NsnqikSEN7fraQj0ZAzQ0SxNBT_FzGU-4dZUpMhar6TOADT-e5AtppVMBTMNkknSNgtaRwTm3uMvx62KVChpLm1Pki1pU9GwFwoLbGk8_TXNGrZ9JCExewFFZ07DazituCjsVuKL-Z4TGjYZ2JJaMRfj97FxSHIUcNnMBDfuwjWuw4XFHrkdKvPaTp4b8oo4-qT8iG347Hf9JhErCwzR3S4eHK2da9ywf0mkTWj38-31qskAqkMz5qr7DFC9od-laeO54hSG-3pjf-rD9dDlsnZ7IkChFQkD3w6RE4kGG5mEv2ZQW4m2V5Ohafm90qZhNvLvqXtdfQdXH4Uzg5waKfrJRTqh4K6C5SmIVV0g8GLftrUIkyMt9QTqUgDM5bQZiz29M181GX6MeBM79vVVcdpgz74_-XUFBs2WmEvt27vS3oXnxxT5tfOiBeuoxOiKft3zVgBNjVYFjSvmjy1XeXbt5ib8Y-Rf2firzjrN5_uvn6r0biFZqKMWr8cf1bkmKNruEWVjVPQ3Trzs3x7UZ6ysBqVQVSUVU--cbV_XyMYCplf2ur_HOcMkoiW5MUyEaSSOohEloERCBEUP1XgYumIzT-2BaBnvPYTHZWcjYKuoIND8WcHgmjk6XgEnlSD2G3Mye-pscgeIK4CAQ9kd-k8j7P0LB2preiQQM8l9CFiLSzg0jequ8Yg57R_3xM-2aprO-Hm479i4vMvD7vVhgoEQT8opOZzbpz25dlApfIv-TbjNNjCaUpHL1P3mJXj1XRu3sbb8Mzm_IF73elcFeU-63Ol3JrqY4S-6xp70QZD-u_oCIxuA8CvQPzD6OThpjFmBMb6DKZu-tRMEGzRwQBqgpQOcTHug_lbphY7bGPGin5TaeN62hbswQiqAZxYS5HmHpwuZ2lFwrT5R2QLD3AxMeiLL8oM-QMM14M5jFS2DDEx-qPS-VCyxGj4lnQWseRCLMu4ypDNaSccdqOZKLK__5SP7uYvatNQMw1Ar3d6uUeKFEAl2J_uq-mZTy4LDOqtQ1r_26nWuUzQWu6XQr4yqQJGDIeNwC4ZFlvpuHpMsK8vFHVZhQKGdKxt303saKNXWhUUlAUoclpRo54zCk8CZ4Xs3hedDR3IeUvdmJy3hrhlffDccWJ9w85nZalPci14WCzxV_Qr3keai3APno-TWiQBsdhdaQzmTtFSKrX4MET84gAkSdARzimXEjbBPCeotJHGdyH4HuxRg9kC-e3-5FZro1k4P3yXAddtPh4257XBCPdmxZZAPHHT2YhfP8t7ROjccOLr34Ry4zL1UXealIGo0CQPy9K37vTmKIslq84K6pcvgI8kW766zhtpBR_DbfAAg_IT1VFO5qm9mlJw1Ugg09DIkJ3MOrNr2f3uKvS59eFurPN1AZyWVUqIf-3v45seZ5-YuYf6opQrBNcg7gkOtWWiSysYWtgSY_1V1-BQFUPH-oz-mwbdirR-NFSCiPoreEOgSE9YNBIFQ1rKy7j4zU_zpJ953C9GHSoWdh6F31qaHQlQW3CYPjBzYXNkvq6cLpOfXyja7O2zL76OdSYtBShA3S9C5WbJK0cwkp2uB1tbTjhWDry8atQWZQzXdqnY2cQyb9c1NwL_oIrccY1OFGipSrloeT_EwNhfGtlcxsEuC1IpQ3FzZU7SgKO7mOaYUD5ONjMHbBhm8dMGzkkls8oMLUIdoeGcaa-SnM7yDpHOjs5Z0JgrVMSBEHy9F0D9I97ua2fDHCLDDHMgFHxZQ4LYikx965cNyLTlKIDSlnqlQ00Z_DkmR6eHqGtET5L_9dsM-Qg1anya8CDuH3_XIPPMhx98GRSD4rHuheeCUCQSjuaGeKkWwDFRJ4QQXpVzC1_-8sT2PEb_ptZ0a1wS7COGFcKc7FlJiuQLyA3PpVDrL20dob_ExnCa_3kUl4CL_KxRPDfTtV_56hwcwSzsh0s_cN5waqD5-n-Mz6nRbTD5e35AWMqDYNZ2s9sXCh8hPGgFyg8scIQcmbli9PuB0fUw4sXbUIl8ePviRd_aKZvjg8tsS5Bm4Ym-vNiU9vGz9q9DKOBJHB6sAw_BZZ5RUsue8cuwiHF6qQTgnmmmwtURoz4fjcTc1RUYQUXXWVJcyKEyyykF44iOB8qu3cLFNUxqf1ngxVX_pXZ980L1jQwl3KjSF-29wD5EsSwLgG0RpUba8WjAvTaOROetapmweH4ew8oXs5dwkRCp6niQS2DYAx_qDr15VBsk2VAj2s0XjS_rJqXvicrUp_NiqP_tlGVycKfH-_FzfFcstNRHD4qbX9DqK-ba4EQCV0tOMswGjRH3owtuWw&cid=CAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fibb.co%2F&ds=l&xdt=1&iif=1&cor=12595442522985720000&adk=943508955&idt=58&cac=0&dtd=25 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 276e8f9b3788fc43027450690a22780cdfef015ca656d896184dd8989b547e38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12408 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame EB7F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1	43 B 340 B	20ms 18ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfmMb34c_cnHYHdn6v9wM8Ne3lwLnsyc7k8ws1ZDEyBUyRDxNDosWjdSfSRlI3gg18jK6uDIJeDDg2Z87f3B9n66YCn2mxVfHH7dT1vkrtl50IvYWwK2BB421HqJtU9dFNmf70QXbVYmUS5DjNVS67xr1f39_iFT58du5Az5QJGbtubIc Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8knIcNvpQsmIguUtR1GYlTDuVjjonjlg2RlJfUiGbDCmfDjkC6It1XvGJYsDho3M9mPJ6hBeg8Bl3qGrxpkIgqTWDyt9%2FWsuWxd%2FruJ%2FzXZm2sB9iysLyN5CXLI%2Bq5kBa%2BsT3hM1yW4tQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82217787ff325c98-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame EB7F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUmFGrKxm2PLoIRFMMkUlwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1	43 B 768 B	23ms 22ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfmMb34c_cnHYHdn6v9wM8Ne3lwLnsyc7k8ws1ZDEyBUyRDxNDosWjdSfSRlI3gg18jK6uDIJeDDg2Z87f3B9n66YCn2mxVfHH7dT1vkrtl50IvYWwK2BB421HqJtU9dFNmf70QXbVYmUS5DjNVS67xr1f39_iFT58du5Az5QJGbtubIc Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=444VVk90EXhvGWmbQXOKieUEhtPhLRb6kmEnXlj1lLzrGY4fjkQOG9V0Bq%2BbMP573k9N6v94LCO884G9mOLlftAVLWis2wdeb5tBiJOx4gYagUx7VTuXlEVR5qSaPkmOoSSCXNaVZNnu%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 822177884ae41d86-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMPUkibG2mz2UaEd6kBAlf0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame EB7F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEKK0oNGCR0LtdW_gD5dNbs8&google_cver=1	43 B 843 B	15ms 13ms	Image image/gif	185.89.210.212 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEKK0oNGCR0LtdW_gD5dNbs8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfmMb34c_cnHYHdn6v9wM8Ne3lwLnsyc7k8ws1ZDEyBUyRDxNDosWjdSfSRlI3gg18jK6uDIJeDDg2Z87f3B9n66YCn2mxVfHH7dT1vkrtl50IvYWwK2BB421HqJtU9dFNmf70QXbVYmUS5DjNVS67xr1f39_iFT58du5Az5QJGbtubIc Protocol H2 Server 185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT an-x-request-uuid 302877b6-6385-4591-ad82-04c1268ed32d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 178.162.209.134; 178.162.209.134; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEKK0oNGCR0LtdW_gD5dNbs8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame EB7F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzMzc0NzgzOTc1NjgxMzA0Ng%3D%3D	170 B 243 B	29ms 28ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzMzc0NzgzOTc1NjgxMzA0Ng%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXfmMb34c_cnHYHdn6v9wM8Ne3lwLnsyc7k8ws1ZDEyBUyRDxNDosWjdSfSRlI3gg18jK6uDIJeDDg2Z87f3B9n66YCn2mxVfHH7dT1vkrtl50IvYWwK2BB421HqJtU9dFNmf70QXbVYmUS5DjNVS67xr1f39_iFT58du5Az5QJGbtubIc Protocol H2 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 00:30:18 GMT an-x-request-uuid eaca0e0d-0520-415b-9dc5-1863a7c93889 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkzMzc0NzgzOTc1NjgxMzA0Ng%3D%3D x-proxy-origin 178.162.209.134; 178.162.209.134; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	ob_logo_16x16.svg widgets.outbrain.com/images/widgetIcons/ Frame A94F	13 KB 14 KB	53ms 8ms	Image image/svg+xml	23.35.237.86 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-86.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers expires Thu, 07 Dec 2023 00:30:18 GMT date Tue, 07 Nov 2023 00:30:18 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 13687 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame A94F	990 B 1 KB	52ms 7ms	Image image/svg+xml	23.35.237.86 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-86.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers expires Thu, 07 Dec 2023 00:30:18 GMT date Tue, 07 Nov 2023 00:30:18 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	eyJpdSI6ImZiMTMzM2E1OTVjNDJhZjNlNTdkMzI0OGIwOWNmZWNiMjcyNmI1YjU4ZjQ0MDg3OTEzZGNjZjFmODM3ZDE1NTkiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp images.outbrainimg.com/transform/v3/ Frame A94F	22 KB 22 KB	65ms 7ms	Image image/webp	2.18.161.178 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZiMTMzM2E1OTVjNDJhZjNlNTdkMzI0OGIwOWNmZWNiMjcyNmI1YjU4ZjQ0MDg3OTEzZGNjZjFmODM3ZDE1NTkiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp Requested by Host: ibb.co URL: https://ibb.co/XpNHLfM Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-161-178.deploy.static.akamaitechnologies.com Software / Resource Hash fe8fc20576ba5b9a68a0648b03df864f1e1236e230ef77ff13be6998871d978a Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT last-modified Fri, 15 Sep 2023 16:23:44 GMT access-control-allow-methods GET,POST content-type image/webp access-control-allow-origin * cache-control max-age=1816065 access-control-allow-credentials false x-traceid 79804db46e080fc5df3d5b3c38826898 timing-allow-origin *, * content-length 22436
GET H/1.1	200 OK	l mcdp-nydc1.outbrain.com/ Frame E2A7	2 B 278 B	362ms 87ms	Image text/plain	70.42.32.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://mcdp-nydc1.outbrain.com/l?token=eb27d4bdd530f8a913fb615b71b29f59_198067_1699317018659 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:19 GMT content-encoding br X-TraceId 5ad0e0cbc270a40433e81c8f1cd31487 Content-Length 6 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	log-viewability log.outbrainimg.com/loggerServices/ Frame E2A7	4 B 325 B	373ms 87ms	Image application/json	70.42.32.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/log-viewability?requestId=eb27d4bdd530f8a913fb615b71b29f59&position=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Nov 2023 00:30:19 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId 0cab2a410f2bbfa4fdcc1a6030ae83a8 Content-Length 4 Expires 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 52E3 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	30ms 29ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT expires Tue, 07 Nov 2023 00:30:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 00:30:18 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 09F0	41 KB 14 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DtA7N7ZnBsjj8SwvTCpUnHuneZvx20vjXR37Xp57FHyKmul8e5xMkuH11Lu3H96C1beGXaU_XChEyfs3GuRFt11KNN161CMF32wmwFx052Xn8Pf7UCV8QqWTXFKHKvOg6Ew85fDMNbU04V8fAbyiuTH1kru063EZF-4bwlSnSWx2SlmyM&cry=1&dbm_d=AKAmf-BGHMvuDkoND5O7Phj2GF_yknfKWUva10KWzQFuFPFkPUjhKzQ2Ba62WSne1kCrkahzyGJonJHAK2kkHd_UO-3FEbAGCZTDRxgchkmNXHyJO9eRtQqQZm8Y7fh6lVP7dYooIZSCzflhRxnKZrx2X4JnmblxMu2Advv6_JmET-gYQL9TZYn7jNCMnQ3uGkyTWvUIrOXxjBfDfli35x4R6066wml-uzP_-tKtw8jEx-y5Dzx8ttorEflKLPI-HDOn7Kwy_lamwLajmhL2RHEZ4bo-2SZRTePAxLW7GqFA1aBFeMiZVTAerd-9dyVtXGKViKx4nXgNE3O6WO24LOULHRxYbqof0l7AzMcJg9227P7t9Si7-rKOI7wEJhH7ofa1wxA135ETy5c4p91pyHm7oqBdu7m4tHDVJVJ1InPYMsfBNsCHQH0_bm32w6UtcNI6ULPifHn8wp_0-nhT2Q_NPnbnmw1xBjCP1xxlU-9ZEUMRLdZijmLnUBNItrV-Pbx8ClI28cYqrsnX040HkT75EueqQDC9_aX3msHjHUoWhl1yMsHAaTGsq7dHtcVU6Zde0JhdJ098oxGeJby912dng6pSfp3ftF6JsnEMKz2hH_ucf8g_2fZ0t19BruB9VcWIKgArL_9JceltbEVbEdMqV89e1Rbzd7pArsI9ljCb8sghHJYmsbcF2oV2wgmMRbEHKBkFjD23uZMwv-QNf8k_rqi34KkjVkdc4lwLGAnSlna2RY5P7FcvdnJ4TGnMnMVmfDihwtTCHDmMhfNF-e3869epxaeE81eMW02pz8eX3y6wxovZ8UDN2booKbTPZnxVbet745l9NsuVpov3o1D6boeulSQ9Gi3fCxu7iFMETJoH80kDYIvvMJCrAIU4Q1uD9LsvB4E4KReGpJdrl1ZDtQ58ZbCldrRamG6KuQk3nwc94zNXCFVUUOvcTc_98ysnVoCrwPayPS5OnbVgWYs5w0abPLFUqpMdBfFy3JC80aYWW7HzkGczVrpEhxaXBB7gI5z5mrkz5wKf37O2Ry7inqSYLslQq-j8mqIS2lJL9Fc-_82KNjFtaF4BVxPLtmarfc_jvUVp3gcwd8jAzPqTtC2-XjtKtvuSAKrAkRSRFJdFdtMihkE7hv2wN5RScA766Cz7UCR464JVz4vD1w8A1Taj4VJGZrNdA9_krbmJTuylKH7esi4aX0tMKAnlk1Ghe8P1M_eUtIHQTz6yye0N1SudlemSBLOvhmFfXWUutfS2ydXrzZMmDPOpfzxP-hH1LQZU6PKfem1fjMgPUDxodcGLWl5GIRalQKEWI1gejpoiLt7EmWsYnZxD-caTKL9d0APtl47UnEHSkBvOJb5EBu8I4ty2MqD2QsCTMDB--eWb_AQpJ97vx8xYTENNoMFiJpcOYCu1e25z8NsnqikSEN7fraQj0ZAzQ0SxNBT_FzGU-4dZUpMhar6TOADT-e5AtppVMBTMNkknSNgtaRwTm3uMvx62KVChpLm1Pki1pU9GwFwoLbGk8_TXNGrZ9JCExewFFZ07DazituCjsVuKL-Z4TGjYZ2JJaMRfj97FxSHIUcNnMBDfuwjWuw4XFHrkdKvPaTp4b8oo4-qT8iG347Hf9JhErCwzR3S4eHK2da9ywf0mkTWj38-31qskAqkMz5qr7DFC9od-laeO54hSG-3pjf-rD9dDlsnZ7IkChFQkD3w6RE4kGG5mEv2ZQW4m2V5Ohafm90qZhNvLvqXtdfQdXH4Uzg5waKfrJRTqh4K6C5SmIVV0g8GLftrUIkyMt9QTqUgDM5bQZiz29M181GX6MeBM79vVVcdpgz74_-XUFBs2WmEvt27vS3oXnxxT5tfOiBeuoxOiKft3zVgBNjVYFjSvmjy1XeXbt5ib8Y-Rf2firzjrN5_uvn6r0biFZqKMWr8cf1bkmKNruEWVjVPQ3Trzs3x7UZ6ysBqVQVSUVU--cbV_XyMYCplf2ur_HOcMkoiW5MUyEaSSOohEloERCBEUP1XgYumIzT-2BaBnvPYTHZWcjYKuoIND8WcHgmjk6XgEnlSD2G3Mye-pscgeIK4CAQ9kd-k8j7P0LB2preiQQM8l9CFiLSzg0jequ8Yg57R_3xM-2aprO-Hm479i4vMvD7vVhgoEQT8opOZzbpz25dlApfIv-TbjNNjCaUpHL1P3mJXj1XRu3sbb8Mzm_IF73elcFeU-63Ol3JrqY4S-6xp70QZD-u_oCIxuA8CvQPzD6OThpjFmBMb6DKZu-tRMEGzRwQBqgpQOcTHug_lbphY7bGPGin5TaeN62hbswQiqAZxYS5HmHpwuZ2lFwrT5R2QLD3AxMeiLL8oM-QMM14M5jFS2DDEx-qPS-VCyxGj4lnQWseRCLMu4ypDNaSccdqOZKLK__5SP7uYvatNQMw1Ar3d6uUeKFEAl2J_uq-mZTy4LDOqtQ1r_26nWuUzQWu6XQr4yqQJGDIeNwC4ZFlvpuHpMsK8vFHVZhQKGdKxt303saKNXWhUUlAUoclpRo54zCk8CZ4Xs3hedDR3IeUvdmJy3hrhlffDccWJ9w85nZalPci14WCzxV_Qr3keai3APno-TWiQBsdhdaQzmTtFSKrX4MET84gAkSdARzimXEjbBPCeotJHGdyH4HuxRg9kC-e3-5FZro1k4P3yXAddtPh4257XBCPdmxZZAPHHT2YhfP8t7ROjccOLr34Ry4zL1UXealIGo0CQPy9K37vTmKIslq84K6pcvgI8kW766zhtpBR_DbfAAg_IT1VFO5qm9mlJw1Ugg09DIkJ3MOrNr2f3uKvS59eFurPN1AZyWVUqIf-3v45seZ5-YuYf6opQrBNcg7gkOtWWiSysYWtgSY_1V1-BQFUPH-oz-mwbdirR-NFSCiPoreEOgSE9YNBIFQ1rKy7j4zU_zpJ953C9GHSoWdh6F31qaHQlQW3CYPjBzYXNkvq6cLpOfXyja7O2zL76OdSYtBShA3S9C5WbJK0cwkp2uB1tbTjhWDry8atQWZQzXdqnY2cQyb9c1NwL_oIrccY1OFGipSrloeT_EwNhfGtlcxsEuC1IpQ3FzZU7SgKO7mOaYUD5ONjMHbBhm8dMGzkkls8oMLUIdoeGcaa-SnM7yDpHOjs5Z0JgrVMSBEHy9F0D9I97ua2fDHCLDDHMgFHxZQ4LYikx965cNyLTlKIDSlnqlQ00Z_DkmR6eHqGtET5L_9dsM-Qg1anya8CDuH3_XIPPMhx98GRSD4rHuheeCUCQSjuaGeKkWwDFRJ4QQXpVzC1_-8sT2PEb_ptZ0a1wS7COGFcKc7FlJiuQLyA3PpVDrL20dob_ExnCa_3kUl4CL_KxRPDfTtV_56hwcwSzsh0s_cN5waqD5-n-Mz6nRbTD5e35AWMqDYNZ2s9sXCh8hPGgFyg8scIQcmbli9PuB0fUw4sXbUIl8ePviRd_aKZvjg8tsS5Bm4Ym-vNiU9vGz9q9DKOBJHB6sAw_BZZ5RUsue8cuwiHF6qQTgnmmmwtURoz4fjcTc1RUYQUXXWVJcyKEyyykF44iOB8qu3cLFNUxqf1ngxVX_pXZ980L1jQwl3KjSF-29wD5EsSwLgG0RpUba8WjAvTaOROetapmweH4ew8oXs5dwkRCp6niQS2DYAx_qDr15VBsk2VAj2s0XjS_rJqXvicrUp_NiqP_tlGVycKfH-_FzfFcstNRHD4qbX9DqK-ba4EQCV0tOMswGjRH3owtuWw&cid=CAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fibb.co%2F&ds=l&xdt=1&iif=1&cor=12595442522985720000&adk=943508955&idt=58&cac=0&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:22 GMT content-encoding br x-content-type-options nosniff age 65036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 05 Nov 2024 06:26:22 GMT
GET H/1.1	200 OK	g72h7lz2c4az Show response hal9000.redintelligence.net/zone/ Frame 09F0	11 KB 4 KB	52ms 13ms	Script text/html	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1699317018154748&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 615761c943686a086ca6a66f3bef33b84adbb8567067e0875e2ec12312742d4f Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:18 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4147 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	request.php Show response hal900030.redintelligence.net/ Frame 09F0 Redirect Chain https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	3 KB 2 KB	108ms 85ms	Script application/x-javascript	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash c59dea4bd3a1be72fa902249f201d176f168db06a6e29ac9205f5e7d66cec946 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Nov 2023 00:30:19 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 20846500005084504444550012501030 Connection close Content-Length 1113 Expires Tue, 07 Nov 2023 00:30:19 +0100 Redirect headers Pragma no-cache Date Tue, 07 Nov 2023 00:30:18 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Tue, 07 Nov 2023 00:30:18 +0100
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 1C20	38 KB 13 KB	16ms 14ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 65036 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 06:26:22 GMT expires Tue, 05 Nov 2024 06:26:22 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response pagead2.googlesyndication.com/bg/ Frame B324	50 KB 19 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Requested by Host: t.co URL: https://t.co/HzblRj9eRJ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 01 Nov 2023 19:28:50 GMT content-encoding br x-content-type-options nosniff age 450088 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19628 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 31 Oct 2024 19:28:50 GMT
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 1C20	38 KB 15 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 20:13:02 GMT content-encoding br x-content-type-options nosniff age 15437 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 20:13:02 GMT
GET H2	200	view.aspx Show response pb.media01.eu/ Frame 1E5D Redirect Chain https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url=	0 629 B	68ms 21ms	Document text/html	88.198.250.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url= Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-250-30.clients.your-server.de Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location access-control-allow-methods GET,POST access-control-allow-origin * cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 00:30:18 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Tue, 07 Nov 2023 01:30:19 GMT p3p policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA" pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-xss-protection 1; mode=block Redirect headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript date Tue, 07 Nov 2023 00:30:19 GMT host pv.medialead.de keep-alive timeout=20 location https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url= proxy-host pv.medialead.de server nginx/1.17.5 strict-transport-security max-age=15768000 vary Origin x-iplb-instance 40028 x-iplb-request-id B2A2D186:DD22_91EFC182:01BB_6549851B_1CB53A6:1A428
GET H2	200	view.aspx Show response pb.media01.eu/ Frame 0CBA Redirect Chain https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549851b22d4c960ab320087&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=	0 202 B	56ms 25ms	Document text/html	88.198.250.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549851b22d4c960ab320087&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url= Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-250-30.clients.your-server.de Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location access-control-allow-methods GET,POST access-control-allow-origin * cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 00:30:18 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Tue, 07 Nov 2023 01:30:19 GMT p3p policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA" pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-xss-protection 1; mode=block Redirect headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript date Tue, 07 Nov 2023 00:30:19 GMT host pv.medialead.de keep-alive timeout=20 location https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=6549851b22d4c960ab320087&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url= proxy-host pv.medialead.de server nginx/1.17.5 strict-transport-security max-age=15768000 vary Origin x-iplb-instance 40027 x-iplb-request-id B2A2D186:DD20_91EFC182:01BB_6549851B_1C90F35:1E878
GET H2	200	/ Show response adv.office-partner.de/ Frame E00A	930 B 923 B	46ms 7ms	Document text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Tue, 07 Nov 2023 00:30:19 GMT etag "3a2-5c1ab16b3be00-gzip" expires Tue, 14 Nov 2023 00:30:19 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	view.aspx Show response pb.media01.eu/ Frame 09F0 Redirect Chain https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url=	0 201 B	21ms 19ms	Script text/html	88.198.250.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url= Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-250-30.clients.your-server.de Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:18 GMT x-aspnet-version 4.0.30319 x-powered-by ASP.NET p3p policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA" content-length 0 x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 07 Nov 2023 01:30:19 GMT server Microsoft-IIS/10.0 access-control-allow-methods GET,POST content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Tue, 07 Nov 2023 00:30:19 GMT strict-transport-security max-age=15768000 x-iplb-instance 40028 content-length 0 proxy-host pv.medialead.de attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx/1.17.5 host pv.medialead.de x-iplb-request-id B2A2D186:DD26_91EFC182:01BB_6549851B_1CB35A3:1A42A vary Origin content-type application/javascript access-control-allow-origin * location https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=20846500005084504444550012501030&actionid=879111&produktid=ratenkredit&dt_url= access-control-expose-headers X-Request-ID access-control-allow-credentials true keep-alive timeout=20
GET H/1.1	200 OK	e99aace94e6e58733936cdd965d03e75 pv.medialead.de/trck/eview/ Frame 09F0	43 B 666 B	274ms 93ms	Image image/gif	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=20846500005084504444550012501030&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c48a88d773&subid=&uid=f5cff2fcd87495d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkcOLGoVJZfy4CcSYgQexpLuABablvaBphZWcp8kP8C4QASCdwq1pYJWCgICwB8gBCakCLozSnqf6sT6oAwHIA5sEqgTTAU_QRutfvC2Dlyp6s7ulqIIvVZMKccN_QeXixTQ91SoWk7LTKgTlT9CnnSWYZqKSgrPJzP7KknrSn1iryVTnTk1kFJtZQO620V8d7QE_tr7rrYOse2FINaksoGmoO3eDoAowfZtJlZ09ahBe2OLnLMFCgrcxsteU4g2yjIz6gjiBg9j1Bu3VaMs98rFz-2l8IY_I2cOzzQ7KBkWx8FYLHuSwG98cyEZ5Kitwg20edPJzPn3FHSmIxgKTb_dUliJVaUgQEKudIYD4SExxxzVNTM197d7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwimtuiZ0bCCAxVETOAKHTHSDlCwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ%26sig%3DAOD64_20LXBg2fCBYuDkBuykQNUWxI_joQ%26client%3Dca-pub-8278416939377896%26dbm_c%3DAKAmf-C_AVgqnoZyCosq-07WJeCdPXIulwzLFFpVK04yJiL0NaAZ20K8x3rtaRWDRtg1QF6HJDaqOLdja3fX4lJgVXL9xsEEzV7azXUDa2mHRdpiXsF0MmvFmUIHRkfLEDiU-RxnZF2QY5as3roffdq2SliAovYnx3dCgGKYyws9oMErVD_YG0w%26cry%3D1%26dbm_d%3DAKAmf-AmHuPajiQ-61kCluKzeu-4ZWe4lgzVotBefx5uqbhiebx-C8DrW4guvN6LlmDD7_SUF5s4CQombcFGvtP9MeJvmRh6zOteWoIH0xJ2cZbK6DnjwHI5Qgflx8P4hIY84ZX0_C9op9stXq-qIJzKU3dG0cv8WV68pT0SoVqH59ZEwjH4ZDLRbJvXwMrCr4IZL35ZMD5zJ4jt7cqoH2y9LpxRp5IX-mPy72vfe4oy0kXjQkn3PaCT5BncQtnJBx2IAA3bJeyPINld1UBPqipDhAqLYYBDsNzw0UuIka17a7Ndd6UYR25SuWgAbXwqN9JhCZHv6IdEoe6AMQTztKd4pwlSl7r6qbpJb13E6quE8sPX9S_yRiMLKA3dcEI6UFpHmuWak-9kV_fE1QumUgd8xKFnn3jp99CpCIUQmYPZEmRw8vQHUPqEoAClI4J2d4xZQ8r_oGFfkFau2YJ296HBUzQ7wj0gSocUB8H71y3m9KCqpY69FTopHQWrB_PyBMbvDRuvb_M1nE2CG6XqHapah4V-o59pAYx26hBcNYf5uVjNYeSxIcU%26adurl%3D&documentReferer=https%3A%2F%2Fibb.co%2F&ancestorOrigins=https%3A%2F%2Fibb.co&random=872430427933&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:19 GMT strict-transport-security max-age=15768000 attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx/1.17.5 host pv.medialead.de x-iplb-request-id B2A2D186:DD24_91EFC182:01BB_6549851B_1C90F37:1E878 x-iplb-instance 40027 vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true keep-alive timeout=20 content-length 43 proxy-host pv.medialead.de
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	50ms 50ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=530399455745623&bg=!NDelN3jNAAb4oU7C2KE7ADQBe5WfOIuQnHWruBF1YE1MqL--dPqntKjMWsHcN1tBAAQtpx5F13TLXOCpujeTYJsCfmFWAgAAAQVSAAAACmgBB5kC7zdFMJkOpkin4BKmT2O2Ptr2nCfEdFnIBiDAxsLp5jMPGW3dJbZFSsfJlBs36hHkBSzHfZMclKf1h620kmkR6KiB1XjaESDg_H65D20NeHHQEkTGHAysQ4-qZnJar7Z73GYkBd9YBcC7lL4ZjKhqilLvwqhtW3gamfuXb92kouUTRogpVqJkVh0w8STiiDdwlettUjohLjAHFPwZCORS4F4Vgdt8zCSQMVgjqwHm-qR-KNuBoixiY1RYLk4cF1ZomABHgw1gLh_HuZH0C7TFNANPYfLvTKheZCfI4r4Q0GSmMJ7aLvR5OD91HTCuA8wNTU10XKgJAN0mPODUtNmsvNK2EJhgE52SmcWVeo55M1jJPxk9j81QtpOCh4Yw7AmCDsNYMBfk4W4yDQEkzfTTODWxYeVc6nSk6ERg-tWkCJfx0TkEztHeqO7NWTKK1IhKpqJTAO5G3MsWpmqxm4CVvkFY0YZrLBt4-RbQ3jInwdztu9b0-ApJ3tc5DkPvG8AwkV-V7UY3mbjqB6ORLPoajPWoAD_LVI1-DHDrHmnZl60mgj0CEX-OVHzsIMWpfgtlT74PUM0puDPYtLALcKX7B39QlJ-vkKGeJMRVgYx0kN05heeTvh7OZG6uG4h3SqMZL2NPqzcnpV585dztAXAqaSc0INuq1Y2tV8r8-kXkMqD9LWiv6CNX33BPeEJe21OD8QJwuaJvbi0GqpZsVtqvzUWw55WYNmuk1nWV1GLM-FDnRoUE565RonqmWSYX8Xc176teHR3he_WUM-IzsOS29eThixdSaOeSxZWKeP9a9Zk7mcrny1OLgP1bzY3CuwqMcneF-8PDKFYO18Wp-mvSSxPZE1-Dede44NANjPzNGZUeaMC3edKM-6NguYKjOj0HhR8jhPTEXLkix-kIyGL0CJIQVnLmZ8wgzWOP6olgboFUVd-dUN5zUP4hLkQtjvVgZLYXBwQY55eIAD_jpfNwhZqSaClxAw4TORi1sOn1SSI Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1C20	0 20 B	51ms 50ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqDHKGoVJZb71LdTx3wOn9brgCQAAAAA4AeAEAg&bg=!0dKl0p3NAAb4oU7C2KE7ADQBe5WfOKeK57m-P-gb5L2bXwwKyMv0Vw0InQK22Au6DuD_CepFYzTZAuEAAC1i_-GyiXZJAgAAAJNSAAAAC2gBB5kDRzYsSd6RWXpyA2wScFW-dPy6yLYFSouKx5HOqUikJsmX07VMi8hr8CvnOnT_5fnk6tYOvdU0C9weKOLczNONIDdo_A_meAX9W0OaYFnH5YzADI4ImiUfUYmbPfeyzixwBRlwY4ybLUcXHM36X1GjqAW2gO15paCv8eh0vVqJVlBx1WGwSKvsJxOEKuy6e0egX-9LyhtmfkOiW38E_YeLlwOn_VBywTDMm8kPuVAT8V5j6GyTmbYhKcjNX-beSa3X-Ar5JI99VOnTHVEp_zntOf8ShV0NwP9tMSBDjXONjhXyeP_wFtLakuIfdfYbIMl30kIPwycqvQlrsoxjpGLVKD5tr0Nb8HnSvEPVxLWTRG3yzNt0G-1qq9dqEykIbqjl9zCssMNnBDRhhgv4C4Kvm05J9ARUVlRR4vGHGomSQuKu9KcvuBnaBBGO-KvAMflX12TWM2jssr0W3RaJlKBQi8QTNlLMAyylINvzklDdtw2fJuel42wxjFGzvqHG5T7-18A0jNirdBgwvTMqp3pL71TqLofZtywV5B2xt97KCWieb6OXKdWSWpbyY8wOdtTW54a8-vRopFfKKzaVF9tbNXuZAckAVbFIuNOmLn7wbQg7NL3N78tEvosOpuGdmFpze9k2hLvy2592qX2aX3XJ9om7McgsvEgGmsKgv_YybbYUf9UCBfSrqGHwhdzR9nRkMLJJgh_DizjLF3Dx4VAT5GPWmsAQmI18LGPYUmC3pxzBG9quSEKmOzIdsAI1LqVRzp8jFRtc4SnPINdfbAU9Pyd5tzg1xcMnrlBoGo4Wp-4IjQyLk80DsvkxcwexDh290_11whL5NaRW89rPEHfL67gB8QZ0YSZXjEzcgmyZA0jNegp9jTlRx2m3BrWTKIiMgUpXZS7r3np4f2nmKWm78l07TuriT1mXgNs4yFZF9voeefutqfWaQVxaDx1h51KBe4-8GzorjE7Dk6XcUMzMuIdcNx1NSMH4UChB6CDVoa0qcSdFGEupJRX-JfWGvT5ZILMT-h8uXin3op7r1icARsPQOTzHG5HX79bVUWI_SjLB1ZRZt3xlIEc2u2xFJGFhAz0yjBsa_FKsySNxkuVhLqAjkrpoBRBF Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame E00A	174 KB 63 KB	73ms 33ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 988ff5450acea9d26283cd71cdb873d544f48b69cf831cd2d6cf081b4071d8fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63847 x-xss-protection 0 last-modified Tue, 07 Nov 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 Nov 2023 00:30:19 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame 09F0	2 KB 2 KB	159ms 76ms	Script text/html	18.169.160.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=20846500005084504444550012501030&nw=1 Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.169.160.74 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-169-160-74.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash d596e623ca0a03057d1c22225d331cdd4b3cf20876b58bf5f5d9a54a90c638d0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:19 GMT last-modified Tue, 07 Nov 2023 00:30:19 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Tue, 07 Nov 2023 00:31:19 GMT
GET H/1.1	200 OK	request_content.php Show response hal900030.redintelligence.net/ Frame B422	7 KB 2 KB	38ms 15ms	Document text/html	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash 58c9e960e772ac1a2d74b1fd2fe74559e910bcceffca73a713a94401454e8f8e Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2078 Content-Type text/html; charset=utf-8 Date Tue, 07 Nov 2023 00:30:19 GMT Expires Tue, 07 Nov 2023 00:30:19 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET DATA	200 OK	truncated / Frame 09F0	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5348394b0b6edd1cbc2735a5d6ba8a0d1e8ccae3a408b39698cf991dff865b25 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame B422	2 KB 434 B	30ms 23ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 00:30:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 Nov 2023 22:58:43 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 00:30:19 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame B422	17 KB 17 KB	148ms 116ms	Image image/png	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 35afd00e6190a8b84d37d8fc9e9df80eb93b2dae20dc261dd57fb970d17b15b0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:19 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16983 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame B422	13 KB 13 KB	48ms 21ms	Image image/png	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 97a4bb4d924b27a71409657470c93d10d4e466e43bd6f669e7d2dd08c8dfef06 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:19 GMT Content-Encoding gzip Server Apache Connection close Content-Length 13283 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame B422	16 KB 16 KB	43ms 14ms	Image image/png	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 16f171fb8ea34ce28988ddb993769039f311a40d1be443769063435e960d1e34 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:19 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16511 Vary Accept-Encoding Content-Type image/png
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame E00A	273 KB 91 KB	24ms 23ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 33127c19d83efe5a540041e7fc223764671e4376ff456fc22e21485a1ebfb1c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92756 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Nov 2023 00:30:19 GMT
GET H/1.1	200 OK	viewability Show response hal900030.redintelligence.net/ Frame B422	0 150 B	42ms 13ms	Script text/html	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/viewability?s=20846500005084504444550012501030&a=8a0b4c71&vb=m Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:19 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 09F0	53 KB 19 KB	73ms 8ms	Script application/javascript	18.66.147.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=20846500005084504444550012501030&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-120.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 18:38:11 GMT content-encoding gzip via 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront) last-modified Wed, 01 Nov 2023 16:51:16 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 21129 x-amz-server-side-encryption AES256 etag W/"5d5bc5942e2e0a61b44429bb852bdc91" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id W19ZRlrqIJ496FYe-RC1SH1cfmTH8S2q5txnWRjSjxjk7Xcumup2mw==
GET H2	200	1x1.png cdn.track.production.webgains.team/7121/ Frame 09F0	3 KB 3 KB	35ms 7ms	Image image/png	99.86.4.94 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1699317319&Signature=bC3sNoV0Sm2w83YpGufuAqrn4NrDCZIk~NwPAXlbEXntXGqlpLqBJSiZjQGcR6rMCxhQa18M7b1THlWexjHPQgKU9E2zUbUBvdtNn8RFBvl~45u-AHgt4kEKVWG4nH6bDvq0S7~vFuxXkKx4YqXnuQjHYI6v9lDa2jjQfzXbX5GR~7h5ibidDCs9xpZqznOSJi1mlsjx-9ruM8VpXAviIUAktMR75REaPreyXDnjVLEId0BV99QlvQrDNFWlskyuVH5qppzIaz2XvfNLAVQZCGstR~6hKJ~8UjabmoF7~gnBSrmxLwo6Ssu7aCFjIzdsLAdI~MDfRJ4UYQwkd-Z15A__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: 360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com URL: https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-94.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-amz-version-id null date Mon, 06 Nov 2023 02:05:42 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 80678 etag "4e57de0506fbdb487ffcd53b450caee1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2808 x-amz-cf-id dBpu8czD7RDDYIC8IMiKqf_anWFjTxV309pKC5ICRE_0t7eSsG1rOw==
GET H3	200	cc.jpeg px.vliplatform.com/iv-v4/	0 497 B	136ms 134ms	Image image/jpeg	2606:4700:3030::6815:5286 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-PAatBeKw-rPaT-PMMe-qewe-BPeZTKYwYerwRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 00:30:19 GMT cf-cache-status MISS last-modified Tue, 07 Nov 2023 00:30:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1tljyPLDkVMEujzTzaGGJhshmIVDlLQkw1fLK1Rz3zvqLzgM1xE7M6xGHm3f%2Bch8hrq23EesPGeDKf42ouVi4pIdWIZevWrmtiuoGYmyGZfNwplPNOHJHAvd%2FNGal6fUu1wSQbB7Psmm1oZH8%2BGwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8221778d59941c38-FRA content-length 0 alt-svc h3=":443"; ma=86400
POST H2	200	tracking-event Show response api.webgains.io/ Frame 09F0	16 B 209 B	70ms 69ms	Fetch application/json	13.43.78.194 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-43-78-194.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type application/json Response headers date Tue, 07 Nov 2023 00:30:20 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	85ms 21ms	Preflight	13.43.78.194 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-43-78-194.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Tue, 07 Nov 2023 00:30:20 GMT server nginx
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 09F0	42 B 174 B	51ms 49ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslSr9falAzC9C7BNNf2j71AxxnDeAHSRwuqkCMd6MaMQ974q2F1y5a-LgvUTtc0Q3wK7BGm1-bgLZKpe4J3YVJBFXF4jm8A9dZ8D5sZ9svUChglhenQa3mY7vhj6l4K78&sai=AMfl-YSqY0lPbdOAJCXfh4aWCnJSYhYAC1BtF8wwFxiU1ezd4DJV37-P0z6O2qszE35zi3MlWFAi1pdRoJ4lRLLIDVg9VUb221f9Kw8XabSiK7o0oijw6ihLqESzVyDSQ03wRNOtFTQupkCymojEbQ&sig=Cg0ArKJSzFFI1IGIYrhaEAE&cid=CAQSTADICaaNSwsSUZ77mWBZ7qgfv2QTsiAfc3A0ksUK7h-GbPW1lSNLB9ZWQcZjO1TkdUYbe9HgouPRQ-It3IiSCI2m49kfnVHxYWmR4nQYAQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699317018412&rpt=1112&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:20 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900030.redintelligence.net/ Frame B422	0 150 B	36ms 13ms	Script text/html	136.243.149.243 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900030.redintelligence.net/viewability?s=20846500005084504444550012501030&a=8a0b4c71&vb=v Requested by Host: hal900030.redintelligence.net URL: https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.243.149.243.136.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900030.redintelligence.net/request_content.php?s=20846500005084504444550012501030&a=eef1de06 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 00:30:20 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 09F0	0 20 B	49ms 48ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4304786260509&version=m202309260101&ct=77&x=1&cor=12595442522985720000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://360c05391acf73760fa897b7cd7ff680.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 00:30:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT