ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ibb.co/WH5LQFj
Submission: On December 11 via api (December 11th 2023, 7:18:45 am UTC) from CZ — Scanned from DE

Summary HTTP 124 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 29 domains to perform 124 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 11877.
TLS certificate: Issued by R3 on December 9th 2023. Valid for: 3 months.

This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:10:... 2606:4700:10::6816:3ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.58.157 162.19.58.157	16276 (OVH) (OVH)
3	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	13.32.22.213 13.32.22.213	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700:303... 2606:4700:3037::ac43:9e3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:23::a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.19.244.218 2.19.244.218	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ea7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a38e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
2	2.19.245.134 2.19.245.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
124	41

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6816:3ac7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.58.157 (France)

ASN16276 (OVH, FR)
PTR: ns3096589.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt.protoawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static5.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static4.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static1.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn2.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn3.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.22.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-213.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.244.218 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-218.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ea7 (United States)

ASN13335 (CLOUDFLARENET, US)

adsystem.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b40 (United States)

ASN13335 (CLOUDFLARENET, US)

px.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:1b::1724:a38e (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.245.134 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-134.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	88 KB
14	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 40308 assets.vlitag.com — Cisco Umbrella Rank: 49048 media.vlitag.com — Cisco Umbrella Rank: 79301 dsp.vlitag.com — Cisco Umbrella Rank: 63386	1 MB
13	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 35885 static.vliplatform.com — Cisco Umbrella Rank: 99516	14 KB
8	bing.com 3 redirects www.bing.com — Cisco Umbrella Rank: 60	35 KB
8	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	58 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	72 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	231 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 207329	139 KB
4	outbrain.com odb.outbrain.com — Cisco Umbrella Rank: 4021 widgets.outbrain.com — Cisco Umbrella Rank: 2138 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7106	9 KB
4	vcmdiawe.com galleryn2.vcmdiawe.com — Cisco Umbrella Rank: 35425 galleryn3.vcmdiawe.com — Cisco Umbrella Rank: 34552	98 KB
4	awepsljan.com pt-static5.awepsljan.com pt-static4.awepsljan.com pt-static3.awepsljan.com pt-static1.awepsljan.com	122 KB
4	ibb.co ibb.co — Cisco Umbrella Rank: 11877 i.ibb.co — Cisco Umbrella Rank: 12045	433 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	protoawe.com pt.protoawe.com	9 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	128 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2858 log.outbrainimg.com — Cisco Umbrella Rank: 3044	7 KB
2	pocpoc.io adsystem.pocpoc.io — Cisco Umbrella Rank: 59400 px.pocpoc.io — Cisco Umbrella Rank: 61081	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	75 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1163 r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 609557	952 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	159 KB
2	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 137705 c.usefulcontentsites.com — Cisco Umbrella Rank: 65158	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1303	413 B
1	gstatic.com fonts.gstatic.com	48 KB
124	29

	Domain	Requested by
12	px.vliplatform.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ibb.co c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
8	www.bing.com	3 redirects c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
8	assets.vlitag.com	services.vlitag.com
7	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
6	ams3-ib.adnxs.com	c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com cdn.adnxs.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	simgbb.com	ibb.co simgbb.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	services.vlitag.com	ibb.co services.vlitag.com
3	c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	pt.protoawe.com	ibb.co
3	i.ibb.co	ibb.co
2	widgets.outbrain.com	ibb.co
2	www.googletagservices.com	ibb.co c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
2	cdn.adnxs.com	ibb.co c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
2	adsdk.microsoft.com	ibb.co c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.jsdelivr.net	assets.vlitag.com securepubads.g.doubleclick.net
2	galleryn3.vcmdiawe.com	pt.protoawe.com
2	galleryn2.vcmdiawe.com	pt.protoawe.com
2	www.googletagmanager.com	pt.protoawe.com www.googletagmanager.com
2	fonts.googleapis.com	ibb.co c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
1	mcdp-nydc1.outbrain.com
1	log.outbrainimg.com
1	images.outbrainimg.com	ibb.co
1	odb.outbrain.com	static.vliplatform.com
1	static.vliplatform.com	dsp.vlitag.com
1	px.pocpoc.io	ibb.co
1	adsystem.pocpoc.io	dsp.vlitag.com
1	dsp.vlitag.com	services.vlitag.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	r5---sn-4g5edndk.googlevideo.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	imasdk.googleapis.com	services.vlitag.com
1	c.usefulcontentsites.com
1	www.google-analytics.com	www.googletagmanager.com
1	pt-static1.awepsljan.com	pt.protoawe.com
1	pt-static3.awepsljan.com	pt.protoawe.com
1	pt-static4.awepsljan.com	pt.protoawe.com
1	pt-static5.awepsljan.com	pt.protoawe.com
1	cm.mgid.com	cdn.usefulcontentsites.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.usefulcontentsites.com	ibb.co
1	ibb.co
124	52

This site contains links to these domains. Also see Links.

Domain
undefined
imgbb.com
api.imgbb.com
i.ibb.co

Subject Issuer	Validity	Valid
ibb.co R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
pt.aweproto.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
pt-static1.awepsljan.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vcmdiawe.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
pocpoc.io GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.outbrain.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://ibb.co/WH5LQFj
Frame ID: 147DDA97ECE75C1AFA150C800C1F791A
Requests: 63 HTTP requests in this frame

Frame: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Frame ID: 647AF80CD8B3675F8A1EB5B4E255E3FA
Requests: 13 HTTP requests in this frame

Frame: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75AEAA17A29F03242C69001811AAD3C4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
Frame ID: 4927FB325864CE9286930C51E8B6E58E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29D26198C3AFE2530815CC42F8FA4133
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C75F66C940B0FD7324073EACC070CD4
Requests: 2 HTTP requests in this frame

Frame: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12568A9F4F495D2D1AE72E6F7116C7B5
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: 168EB7CCA1F188D5AC4BEC4DF01D42B0
Requests: 7 HTTP requests in this frame

Frame: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E79B64DCE74B32ADE0B9232D5FEF82D
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 41F087B0DBE7B0F0FF4385F2EB75D538
Requests: 10 HTTP requests in this frame

Frame: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8C3FEB2F1B8527B8FC03FD919075D08
Requests: 17 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: F730B627BBD16823C8E6FF623428BD75
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IMG-0085 hosted at ImgBB — ImgBB

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

124
Requests

95 %
HTTPS

63 %
IPv6

29
Domains

52
Subdomains

41
IPs

4
Countries

2971 kB
Transfer

6911 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=ibb.co
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://imgbb.com/

Search URL Search Domain Scan URL

URL: https://imgbb.com/plugin
Title: Plugin

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://imgbb.com/tos
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://imgbb.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://imgbb.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://imgbb.com/upload
Title: Hochladen

Search URL Search Domain Scan URL

URL: https://imgbb.com/login
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://i.ibb.co/j8fSdGs/IMG-0085.jpg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qs7nzr&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1702268307&fvip=3&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRQIgdAc5-LV1IGux8xiDbTgRfZdOaebYBNN0hicY4HGcEb4CIQCnW7PBZLDsJePCEnu4p7qJ4zGAykOGENhUP9FFxYv63A%3D%3D HTTP 302
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:5a::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgCW_kwjBZC6AqpDjpCGFT-sZNR4eQyKvzfmKcqDGctK0CIERW7rO-8s5sfGulaWO9CEjHA8bfl6ONzu8q2YJXFOe1

Request Chain 73

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=NvfYRHxuekNCb2ZNVVFtSVpFMzZ5R20zeHJaMEVJVFh3cHh1RFd2eTdxZ3VBWWcrZ3I1Y3c2QXc4ZVptOGUzWC9VRzc1R0lWU3BnVjJSWFRuYkQ0SXlpaGl1aDhpd3pUUzQxWjhSa2k0UkJOZkRYcWhTV2NlWjBIcDRQc2ZZcDJtZHhacXNGVWFvWGVpQlNXdng0T2EvVExJT2xvckNWaVdtb1hkWGFwUTY5RXU1R2ttUFluM2hBMDAySnNZU1NHc3A0MDhRZFo4dHc2dXo4aXZjbS9SOUJsRVpTemdtVjNlQVFRcURTMWx0LzFlNEFMdEdLRGdvdGhJNjRwdXYzcUt5M1kxdm9SeXEzZm5Zeko0RlhHeE1JRkN4QT09fA&cppv=2

Request Chain 101

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b17032bb-8d6c-4580-be1c-13812334a29a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=0e72c845-3b61-4fc3-a611-4e4377cc30b8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D9e4e21f797734d16b5021970251ddab3%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=1904560765467004151 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9e4e21f797734d16b5021970251ddab3&SNR=1&GV=2&med=10

Request Chain 104

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=42f18213-eefc-4bcf-bccf-05bda5f0350c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=307da587-68a8-4bef-9a20-b202caa3815a&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D2ff2e1df44ce4e0690fd140525eb74d7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=1716373270945678157 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ff2e1df44ce4e0690fd140525eb74d7&SNR=1&GV=2&med=10

Request Chain 122

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=42f18213-eefc-4bcf-bccf-05bda5f0350c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=307da587-68a8-4bef-9a20-b202caa3815a&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D2ff2e1df44ce4e0690fd140525eb74d7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6933&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_syvtugrq_a2q&aid=1716373270945678157 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ff2e1df44ce4e0690fd140525eb74d7&tids=15000&med=10

124 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request WH5LQFj Show response
ibb.co/ 21 KB
6 KB 336ms
130ms Document
text/html 213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/WH5LQFj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c0fddcccf39ea7aba5f4a79ad038df3b64aae55936217e31bdbe6379c96f9106

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 07:18:39 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 56ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/WH5LQFj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 07:11:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 07:18:39 GMT

GET
H2 200 ibb.css
simgbb.com/2801/ 115 KB
26 KB 59ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6816
etag: W/"65745f1d-1cd5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi1l2iZca92JRebjjuKuVCgG8529dPfGGW6JVY35m%2FAGi0p9zxBOBhfY1mMrh1bX9eRb2BqHJB3pQwb9ul88PHCaEfQ73Nhse9GLwddSNYlSDgCdJqtNeyTNBZ5ScsrS55vDEvttmTpB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 833bf46ebd073a60-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js Show response
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 62ms
19ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc35
date: Mon, 11 Dec 2023 07:18:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1WBW4NJBVST6EEXY
age: 6731
x-cached-since: 2023-12-01T05:31:36+00:00
x-id-fe: fr5-hw-edge-gc35
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uuhYgA/HDCQv+pn7YKONdA005196F3Z52MMkouU1RHFfyIgRmVvpPcG5bemlFt5Ap8d2f0OV12k=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26f08y9oFld3%2FODCItiyrSeTZ99E2YmwKWNvddF7wXsMC%2FwFnFQUcRMZYOGdwkxFJ%2BZIn2I%2Fsn2XO9CWeQfi5EczpuICPtHlsddaRSY8PK6XxOjwH4CYQKvRfAiWhXE3Z8jUR4xeDOmLxqJprCocNd42nRYsAHVlcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: STALE
cf-ray: 833bf46f1850921f-FRA

GET
H2 200 / Show response
services.vlitag.com/adv1/ 573 KB
147 KB 83ms
44ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da11fea14aa373ea068726762d9842ac4129e659d436ae4f34b71db803046e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 186
cf-polished: origSize=586945
etag: W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-12-07T22:46:21 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf46f1db9922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 30ms
29ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6668
etag: "65745f1d-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1xOIMPB%2B43%2FsPoLt3VALf3FaTMu9ncDu4kP3oAewgzezJynZLwDObc%2BbCnmdDheCg2Vy9ezqYg%2BMzpaXWFuvwwpdFeguW9sJdFhbQLljoA8vidj6TRV%2BwFBm7UmA6iJhTFjbbGaTSOh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 833bf46eed2c3a60-FRA
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 IMG-0085.jpg
i.ibb.co/8msHJ2t/ 87 KB
87 KB 93ms
35ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/8msHJ2t/IMG-0085.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: d66673d789efa519d934345d72e1f9c6b4c57d6269032f124cfe65bb419b9340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
last-modified: Mon, 04 Dec 2023 02:48:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 89112
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script Show response
pt.protoawe.com/cifra/ 2 KB
2 KB 86ms
26ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:17:56 GMT
cache-control: no-cache
x-ud-id: 6kBsz/P8h
server: unknown
x-cache-status: R-HIT
content-type: application/javascript

GET
H2 200 jquery2.js Show response
simgbb.com/2801/ 114 KB
41 KB 31ms
31ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/jquery2.js
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5780
etag: W/"65745f1d-1c65d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTCp0d4Ic0zsgCM2LUF1QwjUb18g4jbSDkGt%2BBY%2BryoEF248ccKXZ0Li%2FE5deeVIx5WMCboqp0q%2BJs1Rf%2BD3qh%2Brm1vR7EGXl2ko64QhzYj9E9QiN7rE4ZQ%2FOnYQ%2FWW7yjNCJQrhmFND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 833bf46eed2e3a60-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/2801/ 215 KB
62 KB 33ms
33ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.js
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6667
etag: W/"65745f1d-35a95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTjFoDWZ4XiqZlYjoLB51qm%2BRy7o7Wcf0v0s8U7cbvN8HzG12qApVSL%2BMQFu%2Bb3tNV4QB4%2BHUwINg4AFOxk67zMMXFydyv4LxDacb1NOKE3w1JoH2txUFijVcnDsVOtbBkcKlIM59gMo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 833bf46eed2f3a60-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cifra Show response
pt.protoawe.com/ Frame 647A 28 KB
7 KB 180ms
120ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf0490b4b021c6d98aa66e8bc00e4d1e5dd121abb9cd7c472f6e9ec66e825775

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 07:18:39 GMT
server: unknown
vary: Accept-Encoding
x-cache-status: R-EXPIRED
x-ud-id: Y7dQJ/aNY

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 70ms
31ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/2801/ibb.css
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5877
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
server: cloudflare
etag: "65745f1d-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBvW7%2BKGIUnrIqmn8pL2w%2BnM6e9QZGtVxroJ%2BsqhhpFR9Kk1qkK0EaP5P2G8%2FGdsJqABWR5EAq%2FiWgdxbSyy4wA6QlwRQxcnF13AqyaAMiX8ttDqTa1omHXrkstopR9pyg47Y2QfI6RI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 833bf46f2d59bbdf-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 49ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:08:30 GMT
x-content-type-options: nosniff
age: 238209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 13:08:30 GMT

GET
H2 200 IMG-0085.jpg
i.ibb.co/j8fSdGs/ 169 KB
170 KB 29ms
29ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/j8fSdGs/IMG-0085.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 4883205d54fe1aab104eb7b25a2309ced437ac482c2db2e0580921696b8c24ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
last-modified: Mon, 04 Dec 2023 02:48:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 173438
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 0
413 B 95ms
53ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/js-cookie-muidn

Requested by

Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 833bf46fbde1c31c-VIE
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/cli/ 42 B
357 B 562ms
534ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d7e8de674f8d083eaa5c822b7c51aa055767dd7673e8e4f33bb9a5fd053f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:39 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf46fca9792a5-FRA
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 di.min-v715370.js Show response
pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame 647A 3 KB
2 KB 48ms
11ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:18 GMT
server: unknown
etag: W/"6572f21a-d47"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 advertisement-v715370.js Show response
pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame 647A 21 B
277 B 47ms
10ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Mon, 11 Dec 2023 07:18:39 GMT
last-modified: Fri, 08 Dec 2023 10:38:18 GMT
server: unknown
etag: "6572f21a-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 cifra-v715370.css
pt-static3.awepsljan.com/npe/cifra/styles/ Frame 647A 18 KB
4 KB 48ms
11ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.awepsljan.com/npe/cifra/styles/cifra-v715370.css
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 089eb8245e3b54ba7ec782bf62126667c21b7d050e5fe8a50c3c221969eed9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:19 GMT
server: unknown
etag: W/"6572f21b-4645"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 cifrafk-v715370.js Show response
pt-static1.awepsljan.com/npe/cifra/script/ Frame 647A 324 KB
116 KB 46ms
10ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.awepsljan.com/npe/cifra/script/cifrafk-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:19 GMT
server: unknown
etag: W/"6572f21b-50e9f"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 647A 230 KB
77 KB 48ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39ad9af61b05dd96903647c297c5486ff4a8924df0c9073f6828994f268a7202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78657
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 07:18:39 GMT

GET
H2 200 3e550c0fe6f32b1d1e5377b6cd35d399_glamour_460x345.jpg
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 647A 19 KB
19 KB 55ms
23ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/3e550c0fe6f32b1d1e5377b6cd35d399_glamour_460x345.jpg?cno=ab8b

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

0025ee230b186cf9d87269bb59f59dea577de89dcd1026aeb3b7c6b5d6e8e1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 19348
x-cdn-node: defra
last-modified: Sun, 24 Sep 2023 11:13:52 GMT
server: unknown
etag: "43d7cf5032e9336cdf8ee87fc0ac8f66"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 a5821b54df3937c02fa7c6e02c3cdcfe_glamour_460x345.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/ Frame 647A 22 KB
22 KB 31ms
9ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a5821b54df3937c02fa7c6e02c3cdcfe_glamour_460x345.jpg?cno=f7c9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

62b6c7693c102386c9ade23b6bd66748603cc14f4666d507a45e7cb3a5755f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 22267
x-cdn-node: defra
last-modified: Wed, 25 Oct 2023 11:22:48 GMT
server: unknown
etag: "e86f2c0c3a302e6ee8de59fee0effabc"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 e822c3fcef3c2db04e463e8a991dc285_glamour_460x345.jpg
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1e/ Frame 647A 30 KB
30 KB 42ms
10ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1e/e822c3fcef3c2db04e463e8a991dc285_glamour_460x345.jpg?cno=d91d

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

4791043221b68d0405ffd236de8304d44b0fef042f0d9087e86f363c86971896

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 30806
x-cdn-node: defra
last-modified: Sun, 15 Jan 2023 07:18:16 GMT
server: unknown
etag: "e6061ce5bf1b84c620c17795d0e6e818"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 5b0eec2e1cd52f8f9076303dcf56288b_glamour_460x345.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/ Frame 647A 26 KB
26 KB 37ms
15ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/5b0eec2e1cd52f8f9076303dcf56288b_glamour_460x345.jpg?cno=7150

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

eec443d0e659b9c8560f637392aa4682c448b1a19db1a6c7af7c6b84f2180221

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 26356
x-cdn-node: defra
last-modified: Fri, 08 Dec 2023 11:34:45 GMT
server: unknown
etag: "ea128b9ef7c363d9949c96d0fb653516"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Mon, 25 Dec 2023 07:18:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 647A 52 KB
21 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 05:22:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6969
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 07:22:30 GMT

GET
H2 200 push-event-counter
c.usefulcontentsites.com/ 43 B
461 B 253ms
253ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid: 1539a847-baa7-4473-b07a-84ae8f08a40c
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zANQtkkujDI%2FGFZTwM7tl0%2F8zaPW0te%2By06lOu%2Bb2ppfC1UJ4lVMSeSu84vnEpzps3sjwmlI8eQCRjovYjWrIBNowufsv3C%2FfCci96PJln%2BPyVibJbYFGvShnjKFLSDT4LC3S61SGseIyy3Cqk04h1T3e8rcwFc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://ibb.co
content-type: image/gif
cf-ray: 833bf471297f921f-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 647A 234 KB
81 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9d445913021603e0270624f1e21608691108c3a856a6963f3edb0244445dddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 07:18:39 GMT

GET
H2 200 b9J.gif
pt.protoawe.com/p68KJ/ Frame 647A 43 B
295 B 36ms
36ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.protoawe.com/p68KJ/b9J.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Mon, 11 Dec 2023 07:18:38 GMT

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1702270984/ 13 B
265 B 508ms
508ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1702270984/vl.json?page_url=https%3A%2F%2Fibb.co%2FWH5LQFj
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 06:23:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4731c9e92a5-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/obj/1702270984/ 44 KB
5 KB 28ms
28ms XHR
application/json 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1702270984/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6873b6283618b5566d46946a8346018f75834560e07c6c041fd35c5482aac982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 05:03:29 GMT
server: cloudflare
age: 7234
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4731ca292a5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 42ms
40ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 949337
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 833bf4735886922f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 09:19:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 136ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df6206894a90422702868d2569c44a230a128e12c714535c82f2630fd92d6d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29209
x-xss-protection: 0
server: cafe
etag: 391 / 19702 / 31080020 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 07:18:39 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 63ms
40ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Mon, 11 Dec 2023 07:18:39 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1048225
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 833bf4735885922f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 09 Nov 2023 16:40:48 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 57ms
19ms Script
application/javascript 13.32.22.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-213.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:50:31 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1689
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Q5NJkla2YbRv1-uOP38q_DZVB5sssrhqV7fKKQkJuHcGnEV4DfPsAQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
18ms XHR
application/javascript 13.32.22.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-213.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 07:02:28 GMT
x-amz-cf-pop: FRA56-C2
age: 9713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ES-oDCtLh3gST7efSDb54pwH8OIVFfhXidLFZJgb246HUNx3VreT8w==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27039
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:48:01 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
802 B 45ms
8ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:38:49 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2391
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: U9DpGLADlBl-SytVWFwdtqbcnfatK3WPEu016Nf1iG3JStUS-LOA5Q==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 10ms
10ms XHR
text/plain 13.32.22.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-213.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:52:49 GMT
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 12351
x-cache: Hit from cloudfront
access-control-allow-origin: https://ibb.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 4Z_BiaGT21usCdDG0SYd3CuNQ96eidhRT61Zs--H8EgL555AAFOuFA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 45ms
23ms Fetch
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231211

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11868
x-jsd-version: 1.0.1900
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230125-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-0aixPJ+F9iGhoT5ok/tLvIFCVz0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FORjZEq0CahklBlLbmsSAksyW76fZyEKdKBoXvBFxaqdPhrvQkiGRH6fnlrLG7skBLOEN5H2CBPgqWe8eL7fpawuBdEQws3HucL1uur5yr4npok2ieMkryFeWIpH%2BmA4yAgiit%2BiC7L2oemkpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833bf4747b4637d7-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
454 B 105ms
57ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FWH5LQFj&pid=CzHqd3jqYCZzz&cb=0&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: T2EHDGMKN7KYJ9WTMAMD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IritoMQSPys04y3LNnBk4iaPFdmsBSpOIPKttkm6Cr8owi-qY-TJqw==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
524 B 160ms
140ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAaqBYqra-UAAw-PAPZ-MrrM-ZTYKYtBTTKBYRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGOueIJCOW23a6jGo1pBNqmSdAQUU7a4wZi7rqeLeYJduaqafNOCVy4ZwgrgiuOq%2F0ubsgsQuZXw5evWoeepzu1QZaksMVWmCqHIAzXNlVeUDrfF4UOX7kKGXYQJH2E0SJWtMWxYMQFmxS9MDxR%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4748ddd3a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 163ms
143ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeKZPYKAt-TMPT-PwBA-Mqer-UtUYeMyTewUaRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCptGz5EZX%2FclllGMzAfvwSjjw5RTIAsojRLzyh%2FH84byvTcZvCVM65Ynxi4NJnQatI92OWGUmeTW1lXZh8tz7gc2TOeFIfEeKwuw5RvILJImWv8E7fOsVhLJ8KB74A6RdU4mxyzJmeayMVlqBNX5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4748de43a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 99ms
56ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FWH5LQFj&pid=CzHqd3jqYCZzz&cb=1&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: PPDXW7R3DGYZQEVW18RQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2IMDzdOA1_3jkjQsDLUXP7AbBXz9Mn9PpAmURsOgTQfzall1m-YSng==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 158ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqeZKAyrK-eUMB-PaaP-MeMZ-TyawetUeAKAARdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LumyVGe7UPvC4o1znb%2Fu81GA2iCYX79WEdKNtdodRW3VPoIX9rfiTvYrEPIM8FswCFWH%2BeoSXAfIAd8DBpr1tNafUSh5xmDBnePBLgGOgVNBnZZZL0hNfD7M2C2%2BkbwJ%2BdYrES3k8Ad81XtlNqjpCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4748de63a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 IMG-0085.jpg
i.ibb.co/j8fSdGs/ 169 KB
170 KB 18ms
17ms Image
image/jpeg 162.19.58.157
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/j8fSdGs/IMG-0085.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.157 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096589.ip-162-19-58.eu
Software: nginx /
Resource Hash: 4883205d54fe1aab104eb7b25a2309ced437ac482c2db2e0580921696b8c24ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
last-modified: Mon, 04 Dec 2023 02:48:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 173438
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 91ms
55ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FWH5LQFj&pid=CzHqd3jqYCZzz&cb=2&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: 07TJW1DBSCVKTZA61D58
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _MRl9hAqsSoK_IecHQ6olYNZAZil11c3K8WsSfVBx1L2lXqJb-SpOA==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 152ms
144ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAAweUZUa-YAZq-PKKY-MeMM-wKqKaBMraYTBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7LOgOutFpz55M%2FUIILaL7eV25SczeSvq69vfDTroZuuwFIuHzMd1MVTfXQLneL6H8rSucWxZlHpxAvgYRIpuerPtDIZeqhXLwwp7nYCWi9hF1%2FyOdpOZHiEUWJUXw5DSxNOlyy%2BiqB5fQpTEs0irQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4748de23a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
280 B 149ms
141ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUMAqAUPa-aByT-PrKB-MaPq-tryZyPUeqTZrRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Buzy85NGA%2BSbZrTVum%2F6e9TzblnRMkoSq6FLZ%2BwCBLEC9%2B7S4HRcZ%2BNk1cn%2B5uvmuOuORdWIRRB7YuXh7%2F07Hds%2FwCA7%2Fc1D1icYhlLTLm8CM1uHP6gU9eRS4SsBJ6nAjv93iift3A8HvOxDNaLdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4748ddf3a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 71ms
56ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FWH5LQFj&pid=CzHqd3jqYCZzz&cb=3&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e2415f0dddb9778029172ab73eec1388.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: P1HXXZZR1HKTC8FDFM67
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YQHcdfpkvtW3jMfydSXAeBO7bK3vbmQdZVQNsMzYxjJkg4nDfJjRJA==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 18ms
17ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 950798
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749952922f-FRA
expires: Tue, 21 Nov 2023 21:34:52 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 24ms
23ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 2344461
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749953922f-FRA
expires: Sat, 11 Nov 2023 11:16:32 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 31ms
31ms Image
image/jpeg 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 2430266
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749954922f-FRA
expires: Wed, 01 Nov 2023 15:47:05 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 31ms
30ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 173185
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749955922f-FRA
expires: Thu, 07 Dec 2023 18:07:07 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 1040910
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749956922f-FRA
expires: Thu, 02 Nov 2023 12:03:01 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 31ms
31ms Image
image/webp 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: HIT
age: 1136416
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 833bf4749957922f-FRA
expires: Tue, 21 Nov 2023 18:35:53 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
275 B 131ms
131ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTtYMyTqA-qAKY-PtwA-awUe-tAUyBBYeYrqyRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iXnw5tiehrJVsR%2B0KJ1u1yY7ptQSNyLjiVqt1iNvk3%2Fw5W2OqyTEhyRyJqVEhqyj8RK%2FSLxZ8p%2FA%2By6OcUeeo0WaZYlRKedHC%2BAeo7iM2W0upcdjjYB0G8xdU3FgM%2FW4MM7aL1WBOj9PqWGhFRmTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4749dfb3a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

206

videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=...
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requi...

314 KB
0

30ms
11ms

Media
video/mp4

2a00:1450:4001:23::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:5a::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgCW_kwjBZC6AqpDjpCGFT-sZNR4eQyKvzfmKcqDGctK0CIERW7rO-8s5sfGulaWO9CEjHA8bfl6ONzu8q2YJXFOe1

Protocol

Server

2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 11 Dec 2023 07:18:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=11050
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Mon, 11 Dec 2023 07:18:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1702290470&ei=xo92ZffHDMrFsfIPnYar0AQ&ip=184.164.141.146&id=o-ACyCnb7nTM6IXIaduEn2icW6aFf1iHRdB-2gJIihTEaH&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f7jL-sha3MmuqkQeeZ_dhGdmFW6pm_e7qleVqg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=8Rh2zbaYJVs9_LiUqPFwW7wP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=2hOTBWBrTUxcMn-B8&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAN4wxFxatNBYzz_gtC8eWqd0rrVmF_H-QlQjlwGhe5w9AiA5Wz_kX5buZN8NFoeW9rLrVYVoRW_vjUDZpnpdaJKrsg%3D%3D&cms_redirect=yes&mh=d6&mip=2a01:4a0:5a::9&mm=31&mn=sn-4g5edndk&ms=au&mt=1702278777&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgCW_kwjBZC6AqpDjpCGFT-sZNR4eQyKvzfmKcqDGctK0CIERW7rO-8s5sfGulaWO9CEjHA8bfl6ONzu8q2YJXFOe1
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1257
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 27ms
16ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11924
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNwhCOZyBNyAiG5FIou4d1MPuaC5EnjjVaJISRHvAMrvztzrIOBO%2BYg4Wv99hBwCvxVmO0SfaK8k%2B8t%2FpJPJfUzhJAC173zCsW9Lqe%2Bma7YWFidKp0b6QJT7tYhSsaMpNYETZ49XBd2W%2F5ONNzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833bf4754d6465a6-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 41ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 9JHR6V2MZW057XZ5
age: 1312
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 833bf4755ef82be4-FRA
x-amz-id-2: sFapmuy1dCo6js0+14MdAviJM1ezDflwE2q1Wp3U+vLKWuLY/50t9Zl+Me1oEzk2zd19rZ9iG3g=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 52ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:18:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 286ms
286ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3425266382736354&correlator=1741376866214953&eid=31078987%2C31079828%2C31080020&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279120187&lmt=1702279120&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FWH5LQFj&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=251698700.1702279120&ga_sid=1702279120&ga_hid=1723718145&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYuYr4vcUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLmK-L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuYr4vcUxSABSAghk&dlt=1702279119110&idt=1042&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51f225019c0693f0484dc04b2570bec54773423c97a2f4b7ff6378e457d8d3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12939
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370657
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 132ms
132ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqaZqBtTr-BeyY-PqwY-qeyT-MUBAqPqKaKABRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKQsGRbwNsW%2B0QQ7l0gfSPkUq38QLKCEYdprjmcDeyFpIUFFKaw1r8NGvCaF%2BcxVBY8ql2AD2tYytsGIRibrtYL9F2lwAGtketqPGXuCs3hSidgB16QDHqgQiII59%2FJGXm4yRELrQm44P1GCvIf0Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4753e973a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 84ms
62ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c992fd00b4e07e48a9aa9c345a706a78783e9db2344a873187d0d54b044ce67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12333
x-xss-protection: 0

GET
H2 200 container.html Show response
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75AE 6 KB
3 KB 103ms
43ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:18:40 GMT
expires: Tue, 10 Dec 2024 07:18:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
23 KB 319ms
319ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3425266382736354&correlator=11840016152312&eid=31078987%2C31079828%2C31080020&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279120204&lmt=1702279120&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FWH5LQFj&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=251698700.1702279120&ga_sid=1702279120&ga_hid=1723718145&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYuYr4vcUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLmK-L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuYr4vcUxSABSAghk&dlt=1702279119110&idt=1042&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b2dfbe4066902157f564d031dc83ef612e228247de79fc43181598ecb5f16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23335
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
276 B 129ms
129ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKyraMtrw-eqta-PqrY-qTtB-PytKAAMrqrrBRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqqTMWbJ1xKOObzlrnV3OU%2FbytOjU%2Bj6AfUgushUsJMXICGIh5Adp606JZuUL7rJjTJrFDa28lFzBz%2B7eyeuqrnDK8E0Dtbk2%2F773cHm2SeQf9U%2F8XPUKjECQUQ62gb%2FG7%2FL6OwSkD9sYRNToPzNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4754ea13a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 39 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl_page_level_ads.js?cb=31080020

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41677
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 11693141498105903443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Dec 2024 19:44:03 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
222 B 45ms
10ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ibb.co
date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4927 15 KB
6 KB 44ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:18:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 321624
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
18 KB 314ms
313ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3425266382736354&correlator=1834751559603569&eid=31078987%2C31079828%2C31080020&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702279120279&lmt=1702279120&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FWH5LQFj&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=251698700.1702279120&ga_sid=1702279120&ga_hid=1723718145&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcY34r4vcUxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLmK-L3FMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuYr4vcUxSABSAghk&dlt=1702279119110&idt=1042&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d48c5108f26317d2b7b537c0a59d717a48d9c91d5938188c266ec884f522705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18697
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 142ms
141ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTPPMePPA-BPTt-PraY-MyZM-MartPKUYqratRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs70eqWxmD%2F8QzLkkka5EErR9PpCRI7SntRAQNIKe83uNLuliEcKUvMYfCfRwMsUunKXYecmFHzXEzKYEzVmQziqjeD1KRu%2BFPl36T9%2Bp7oIFM6IN2t3oUKI2hBxJB%2B7iE1RKcTkw%2BMwL6MUWSrffw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf475cf0c3a64-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 76ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 07:18:40 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4927
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=NvfYRHxuekNCb2ZNVVFtSVpFMzZ5R20zeHJaMEVJVFh3cHh1RFd2eTdxZ3VBWWcrZ3I1Y3c2QXc4ZVptOGUzWC9VRzc1R0lWU3BnVjJSWFRuYkQ0SXlpaGl1aDhpd3pUUzQxWjhSa2k0UkJOZkRYcWhTV2NlWjBIcDRQc2...

425 B
648 B

17ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NvfYRHxuekNCb2ZNVVFtSVpFMzZ5R20zeHJaMEVJVFh3cHh1RFd2eTdxZ3VBWWcrZ3I1Y3c2QXc4ZVptOGUzWC9VRzc1R0lWU3BnVjJSWFRuYkQ0SXlpaGl1aDhpd3pUUzQxWjhSa2k0UkJOZkRYcWhTV2NlWjBIcDRQc2ZZcDJtZHhacXNGVWFvWGVpQlNXdng0T2EvVExJT2xvckNWaVdtb1hkWGFwUTY5RXU1R2ttUFluM2hBMDAySnNZU1NHc3A0MDhRZFo4dHc2dXo4aXZjbS9SOUJsRVpTemdtVjNlQVFRcURTMWx0LzFlNEFMdEdLRGdvdGhJNjRwdXYzcUt5M1kxdm9SeXEzZm5Zeko0RlhHeE1JRkN4QT09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b99ba83b909ac23a5f68054122ddba7cf82da18de370731899546f24104b5247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2410585
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=NvfYRHxuekNCb2ZNVVFtSVpFMzZ5R20zeHJaMEVJVFh3cHh1RFd2eTdxZ3VBWWcrZ3I1Y3c2QXc4ZVptOGUzWC9VRzc1R0lWU3BnVjJSWFRuYkQ0SXlpaGl1aDhpd3pUUzQxWjhSa2k0UkJOZkRYcWhTV2NlWjBIcDRQc2ZZcDJtZHhacXNGVWFvWGVpQlNXdng0T2EvVExJT2xvckNWaVdtb1hkWGFwUTY5RXU1R2ttUFluM2hBMDAySnNZU1NHc3A0MDhRZFo4dHc2dXo4aXZjbS9SOUJsRVpTemdtVjNlQVFRcURTMWx0LzFlNEFMdEdLRGdvdGhJNjRwdXYzcUt5M1kxdm9SeXEzZm5Zeko0RlhHeE1JRkN4QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 287870
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 29D2 13 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:00:50 GMT
expires: Mon, 09 Dec 2024 19:00:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C75 829 B
1 KB 66ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36d43acc4e1e01e4decfafce0a71875b76f00724cb836ed8957f0f2fff22fd91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-icRfR91iGiLuQy--Zf9xwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-icRfR91iGiLuQy--Zf9xwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:18:40 GMT
expires: Mon, 11 Dec 2023 07:18:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tf-v1.jpeg
px.vliplatform.com/ 0
532 B 145ms
145ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMAPrAPZt-AMBK-PBAA-wTAM-wrYKwTyYYtBURzyzNhqut_cotvRws0NA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25PwhhFoJktKSPTG9XvpJHpsgy8QquySu4WunGUxEvKzTTnUWdN3G0pdTw8CMA1jXvRWorB88LvVheFMWjAfGBbOF9Rak2lpRyuq2SRaF3pFOaKmzssPT8CdnXQwOEj%2FTunM17KKJHFpLddKPBs0KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4764c783730-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 29D2 39 KB
15 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C75 0
0 41ms
41ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=3425266382736354&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 29D2 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D9B6GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET container.html
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1256 0
0

GET
H2 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame 168E 102 KB
26 KB 27ms
18ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 145
cf-polished: origSize=104022
etag: W/"2023-11-17T05:03:23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf4774b11922f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 container.html Show response
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E79 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:18:40 GMT
expires: Tue, 10 Dec 2024 07:18:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8E79 4 KB
767 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:32:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 07:18:40 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 41F0 94 KB
38 KB 90ms
23ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204

Request headers

Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
Origin: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
last-modified: Fri, 08 Dec 2023 16:51:51 GMT
vary: Accept-Encoding
x-azure-ref: 20231211T071840Z-rnweb0y2yx4m907qkzudqsentw00000000pg00000000b9u5
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67479ca-e01e-00ed-24f7-29a0d2000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 41F0 80 KB
27 KB 123ms
27ms Script
application/x-javascript 2.19.244.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 07:18:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 10 Dec 2024 07:18:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 41F0 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: ibb.co
URL: https://ibb.co/WH5LQFj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 41F0 20 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ibb.co
URL: https://ibb.co/WH5LQFj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 41F0 24 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ibb.co
URL: https://ibb.co/WH5LQFj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41F0 202 KB
64 KB 99ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ibb.co
URL: https://ibb.co/WH5LQFj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 07:18:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 8E79 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 12:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 12:33:03 GMT

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame 168E 2 B
590 B 198ms
141ms XHR
application/json 2606:4700:20::681a:ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO3CAxfmUtWCKZdyf32ORe%2F88saEsQ1LknZcepu4xP%2FPubRqcIQvav0LPFNV6%2Bsn3I8BP5YrfhORdNL%2B1HuZ9XiMY3U3V2LhIMgPL1LKFj%2FwvNgb0XEevRSbtvWGqeXPQ43N2dDOGGCaPPHVEc7LnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf477dce92bde-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame 168E 0
520 B 199ms
141ms Image
image/jpeg 2606:4700:20::ac43:4b40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNaTqUMKMt-wUPM-PUYe-arUU-ZZwtaUZPqTZqRrdNowwGegRzorNcsoT-aPZBYRleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwHJyygYiHR3fB%2BOpZJG%2Fg692%2FfIXvUDn5hHRN7pTRRzKjyWX7CJXH18SZvancoUPhRWOfPicSc9cj0hrfeEc4ZgqR7FMcqRH6hfD2GffN6aazSti9RpRcWWRDcH6LZNKKt6Vl%2FSj1WCfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf477dbbf9b22-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 container.html Show response
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8C3 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:18:40 GMT
expires: Tue, 10 Dec 2024 07:18:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
496 B 135ms
135ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTtrweary-wwaw-PTtr-qrAq-eATtUMYwYYetRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpXQGDTBHmmNaXGHR3V5mwoMRwqi0ximWxmlotKAqgA4Z515Ji5pmqds9aMGIqnkv4oRwnQExNYXHCUoJNKdD%2B03QpsIJ%2BwZvPIJmH7ww1wffcS5iXsWL0eQLyPftwPPhVRv8gh2UJn4IN5KVhfhbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf477ce333730-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F8C3 94 KB
38 KB 25ms
23ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204

Request headers

Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
Origin: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
last-modified: Fri, 08 Dec 2023 16:51:51 GMT
vary: Accept-Encoding
x-azure-ref: 20231211T071840Z-rnweb0y2yx4m907qkzudqsentw00000000pg00000000b9u6
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67479ca-e01e-00ed-24f7-29a0d2000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame F8C3 80 KB
27 KB 97ms
25ms Script
application/x-javascript 2.19.244.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 07:18:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 10 Dec 2024 07:18:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F8C3 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F8C3 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F8C3 24 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8C3 202 KB
64 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 07:18:40 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 41F0
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b17032bb-8d6c-4580-be1c-13812334a29a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=0e72c845-3b61-4fc3...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9e4e21f797734d16b5021970251ddab3&SNR=1&GV=2&med=10

0
545 B

56ms
56ms

Image
text/plain

2a02:26f0:3500:1b::1724:a38e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9e4e21f797734d16b5021970251ddab3&SNR=1&GV=2&med=10
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 953127C119724E7FB538032A4B581F65 Ref B: FRA31EDGE0208 Ref C: 2023-12-11T07:18:40Z
x-cdn-traceid: 0.8ea12417.1702279120.52ee62a9
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 07:18:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABC67421AB5C4883ACE60F7443E6B41E Ref B: FRAEDGE1715 Ref C: 2023-12-11T07:18:40Z
x-cdn-traceid: 0.8ea12417.1702279120.52ee61ad
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9e4e21f797734d16b5021970251ddab3&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 41F0 24 KB
25 KB 64ms
14ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a38e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215958199395_1NKTCI262SI0MKDOK0&pid=21.2&c=16&roil=0&roit=0.0633&roir=1&roib=0.9333&w=379&h=198&qlt=90
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3839aa4adfaef2648ff2d729a01e02a240277feb5cf11a29e6f1be16165b3fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.8ea12417.1702279120.52ee61ac
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 24755
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 41F0 0
531 B 65ms
16ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QLoA-joAQAAAwDWAAUBCNDv2qsGEPeZurbO_Za3GhgAKjYJUHEHxL2rpD8Rf5Y3r2MmpD8ZAAAAgML1EEAhfw0SACkRJMgxAAAAIIXr0T8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4g_UFgAEBigEDVVNEkgEBBvQFAZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL1dINUxRRmqAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFwcXY8cak45AjwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvfMp-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAFCHAQABgA4AYB8gYCCACABwGIBwCgBwHIB4P1BdIHDRVlASYI2gcGCbqc4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=a8b1a2c1793279213f4b7cb54dd3d74ed50e5294&bdref=https%3A%2F%2Fibb.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fibb.co%2F,https%3A%2F%2Fc5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fc5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
an-x-request-uuid: 2c33795b-b525-4c4c-a38a-bf4f331cfb97
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame F8C3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=42f18213-eefc-4bcf-bccf-05bda5f0350c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=307da587-68a8-4bef...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ff2e1df44ce4e0690fd140525eb74d7&SNR=1&GV=2&med=10

0
546 B

82ms
81ms

Image
text/plain

2a02:26f0:3500:1b::1724:a38e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ff2e1df44ce4e0690fd140525eb74d7&SNR=1&GV=2&med=10
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F801AC9D411F413D853C31203CFBAE2D Ref B: DUS30EDGE0308 Ref C: 2023-12-11T07:18:40Z
x-cdn-traceid: 0.8ea12417.1702279120.52ee625f
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 07:18:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A8D740EFC9AC48B1B4976A6F8EE1BC94 Ref B: FRA31EDGE0516 Ref C: 2023-12-11T07:18:40Z
x-cdn-traceid: 0.8ea12417.1702279120.52ee61ae
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2ff2e1df44ce4e0690fd140525eb74d7&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame F8C3 7 KB
7 KB 62ms
21ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a38e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215953304485_1FNWZ0YZLBP9LADWEH&pid=21.2&c=17&roil=0&roit=0.0633&roir=1&roib=0.9367&w=200&h=105&qlt=90
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d38619a36961d91bd068ca42573331e3cc6331bdb22ce946083f584163d0639a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.8ea12417.1702279120.52ee61ab
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7043
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame F8C3 0
530 B 56ms
17ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QLoA-joAQAAAwDWAAUBCNDv2qsGEM2GxeXWjPLoFxgAKjYJ8qQqzow6oz8RU2Jdc4C-oj8ZAAAAoEfhyj8hUw0SACkRJMgxAAAAIIXrsT8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-PEFgAEBigEDVVNEkgEBBvQFAZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACZuoCFmh0dHBzOi8vaWJiLmNvL1dINUxRRmqAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFg_aLxKrT7pMvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFzJoP-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAFCHAQABgA4AYB8gYCCACABwGIBwCgBwHIB_jxBdIHDRVlASYI2gcGCbqc4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=ca580f93239c8a2dd302bb3c174015debb4c2087&bdref=https%3A%2F%2Fibb.co%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fibb.co%2F,https%3A%2F%2Fc5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
an-x-request-uuid: ed7a35d1-d66a-4fbb-9098-3b6b6a186065
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 41F0 0
579 B 23ms
23ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QKDB-iDAwAAAwDWAAUBCNDv2qsGEPeZurbO_Za3GhgAKjYJUHEHxL2rpD8Rf5Y3r2MmpD8ZAAAAgML1EEAhfw0SACkRJMgxAAAAIIXr0T8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4g_UFgAEBigEDVVNEkgEBBvBYmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AJm6gIWaHR0cHM6Ly9pYmIuY28vV0g1TFFGaoADAIgDAZADAJgDCaADAaoDlwMKrQIRLPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTBlNzJjODQ1LTNiNjEtNGZjMy1hNjExLTRlNDM3N2NjMzBiOCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AMI5xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0UwFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTkwNDU2MDc2NTQ2NzAwNDE1MSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU9EVXpOVEk1TURNak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXBxdjxxqTjkCPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW98yn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeD9QXSBw0JESkBsQzaBwYIBQmo4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=f50e5d9ff9a310af59200a2ff010c7cfd2fafe6f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=379&bh=198&sid=4400521381769888868&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
an-x-request-uuid: 4e8606ff-17cc-404b-991a-541639eacf51
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame 168E 36 KB
9 KB 33ms
24ms Script
application/javascript 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2063549
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 09:53:08 GMT
server: cloudflare
etag: W/"65573804-8ec5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHYhCwwAx72Zes8pza4laftaXXEEKneujmZ9K5skL%2F0dMoG2tMdLqLXb4v9o7eZRkS2Y0k90cGE2wZXkhMPTVkRQ3eRyNfViLV09lMfi5DPdDg2Je6OFu2B3Nf3XY0xv11OjsD35xuADoZ508WLNA5sLxuI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 833bf478ea313a64-FRA
expires: Fri, 17 Nov 2023 10:36:11 GMT

GET
DATA 200
OK truncated
/ Frame F8C3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7518709dc620fc56e3318bd2cd4c9d4895afd950916f40201d63442aa4bd1c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame F8C3 0
579 B 17ms
17ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QKWB-iWAwAAAwDWAAUBCNDv2qsGEM2GxeXWjPLoFxgAKjYJ8qQqzow6oz8RU2Jdc4C-oj8ZAAAAoEfhyj8hUw0SACkRJMgxAAAAIIXrsT8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-PEFgAEBigEDVVNEkgEBBvBYmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAmbqAhZodHRwczovL2liYi5jby9XSDVMUUZqgAMAiAMBkAMAmAMJoAMBqgOrAwrBAmgNLPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTMwN2RhNTg3LTY4YTgtNGJlZi05YTIwLWIyMDJjYWEzODE1YSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfc3l2dHVncnFfYTJxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTcxNjM3MzI3MDk0NTY3ODE1NyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU56Z3hOVGczT1RVak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWD9ovEqtPuky_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXMmg_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAANPwGLZOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQmo4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fee3c1dbdd310cd9cbd669db4f39b230fd024fa9&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=4400521381769888868&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&sw=1600&sh=1200&pw=728&ph=126&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
an-x-request-uuid: 06eb90a7-5ed9-444a-96a9-832505450c01
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F8C3 0
0 57ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrCyt0Ld2ZbbIE8Ln3gPalYmIBNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQngAgCoAwHIAwKqBOgBT9C9PFsXMiMCXsTIu-w7SWjRFl5lVu2TRManGEcrrZIiBi6w-cYj5Guh69bJHEtva5HC-SkJHJL9zCmdfvRzJRs1ZXGwYq0b5rHZ3FeU8vMJXHJOBs6UeXP9BPVYzPhoKSiBbgbcTrzVJlKvBnVcNnpl38cUI80wphqIddTSAi3iNFk3eSMlBdER074GU5-vgbslPFREunAsv8f6Y6rQQFesuxrZz3zlFfHjz5wIFqVCnoUwVnTdsgUyo7k_-iyQMOACxB4F6iR0lBGEm40rU8OdE7-iuaakLvb6zcZqVju4uI_RGpqNU-AEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliElJjy64aDA4AKA_oLAggBgAwB4g0TCNnMmPLrhoMDFcKzdwod2koCQdAVAYAXAbIXHAoaEhRwdWItMzk2MDA5NTcwOTkzMDEzNBjSrm0&sigh=8eYTRN-RSck&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNkF54cVH5EVa_W-L7Fq7cS_U1o17bmBFPp5Vas--XzJ3zLWHnwsCtZAqHl7Ykijla3zoC9JS-_bY-QDWmofoezrboRrVFl0peinIYAQ&cbvp=2&vis=1
Requested by: Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame F8C3 0
530 B 15ms
15ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QKWB-iWAwAAAwDWAAUBCNDv2qsGEM2GxeXWjPLoFxgAKjYJ8qQqzow6oz8RU2Jdc4C-oj8ZAAAAoEfhyj8hUw0SACkRJMgxAAAAIIXrsT8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-PEFgAEBigEDVVNEkgEBBvBYmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAmbqAhZodHRwczovL2liYi5jby9XSDVMUUZqgAMAiAMBkAMAmAMJoAMBqgOrAwrBAmgNLPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTMwN2RhNTg3LTY4YTgtNGJlZi05YTIwLWIyMDJjYWEzODE1YSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfc3l2dHVncnFfYTJxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTcxNjM3MzI3MDk0NTY3ODE1NyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU56Z3hOVGczT1RVak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWD9ovEqtPuky_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXMmg_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAANPwGLZOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQmo4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fee3c1dbdd310cd9cbd669db4f39b230fd024fa9&pp=ZXa30AAE5DYKd7PCAAJK2k_DbPp3erLzt4bu_g&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7PWI0Ld2ZbbIE8Ln3gPalYmIBNLg1-Buj6S2k5MKwI23ARABIABglcKDgpgHggEXY2EtcHViLTM5NjAwOTU3MDk5MzAxMzTIAQngAgCoAwHIAwKqBOsBT9C9PFsXMiMCXsTIu-w7SWjRFl5lVu2TRManGEcrrZIiBi6w-cYj5Guh69bJHEtva5HC-SkJHJL9zCmdfvRzJRs1ZXGwYq0b5rHZ3FeU8vMJXHJOBs6UeXP9BPVYzPhoKSiBbgbcTrzVJlKvBnVcNnpl38cUI80wphqIddTSAi3iNFk3eSMlBdER074GU5-vgbslPFREunAsv8f6Y6rQQFesuxrZz3zlFfHjz5wIFqVCnoUwVnTdsgUyo7k_-iyQMOBAxj-XKICO-YV-7zi1CkcrF5yoPa-KNi9YS5_u6ruSlJcRm3jgx_-wZeAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliElJjy64aDA_oLAggBgAwB4g0TCNnMmPLrhoMDFcKzdwod2koCQdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2CePpB294mfVnHHFnkc9-pIw2rBg%26client%3Dca-pub-3960095709930134%26adurl%3D&cbvp=2

Requested by

Host: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:40 GMT
an-x-request-uuid: 34f38c4e-978a-4be0-b20a-5a949d3c6235
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 168E 4 KB
3 KB 200ms
162ms XHR
application/json 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fibb.co%2FWH5LQFj&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ca7bb3012f6b20f0e1d1cabbb01135f09919a74b4c8035b4d8f122987429d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 11 Dec 2023 07:18:41 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: fd61658b71058cb3e52d64f9547b2ecf
content-length: 2670
x-served-by: cache-lga21942-LGA, cache-fra-eddf8230060-FRA
x-timer: S1702279121.846114,VS0,VE156
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame F730 4 KB
4 KB 108ms
17ms Image
image/svg+xml 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 07:18:41 GMT
date: Mon, 11 Dec 2023 07:18:41 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "1415406c6886077dae89bf474cd6c146:1701762093.651712"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4128
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F730 990 B
1 KB 109ms
18ms Image
image/svg+xml 2.19.245.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 07:18:41 GMT
date: Mon, 11 Dec 2023 07:18:41 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6ImFhYjRhYjNkMjk1M2FkMzRjNTZhNjlkZmU4NDg5ZGZlYzBjZDMwYTBhNWMyN2FmYzEzNmI2YTEzMDgzYzFjYWMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F730 7 KB
7 KB 105ms
10ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFhYjRhYjNkMjk1M2FkMzRjNTZhNjlkZmU4NDg5ZGZlYzBjZDMwYTBhNWMyN2FmYzEzNmI2YTEzMDgzYzFjYWMiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: ibb.co
URL: https://ibb.co/WH5LQFj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f43bd1b6da2e4b792b3f33c44444e2938b45ed56e4ebd259cfa037ed48289249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:41 GMT
last-modified: Wed, 27 Sep 2023 16:42:35 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=948620
access-control-allow-credentials: false
x-traceid: a118f3606c77300d8bb445d7958fcbe2
timing-allow-origin: *, *
content-length: 6950

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 168E 4 B
325 B 383ms
89ms Image
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=35df6ae62457ed0c1b4ce58d81bc1b63&position=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 07:18:41 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5f369f4ef5d6a292d3748fc4069dd3aa
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame 168E 2 B
278 B 382ms
89ms Image
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=35df6ae62457ed0c1b4ce58d81bc1b63_198067_1702279120949
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 07:18:41 GMT
content-encoding: br
X-TraceId: a942b31442eb2c9f9bf8e14b5c7c2c84
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=3425266382736354&bg=!8vGl8b7NAAY3kmNgF5I7ADQBe5WfOLTrYsqMQWIb41LekhwAIOn7O1jyj5oTu7wMliJ4C6BBEsLUszXNx4LHejTgubhEAgAAAEdSAAAAAmgBB5kC1ot8rZI3RpahHmZ1HIFcEgULW-VrZKfFI9l8cUOudv9nqzeWnTNZl3e_1lER83cW3wHmLV8P-HzIne8-p1Z4RqHqrwr_nB28fc_QGBj5uoXiwwADwZ58NJ4GcsS2zzMC8zrKy1bK1EyDH8pD-7CadILlalz-E28UfndXO4d1_BxheD4lUCGr5vQobOGCnKTAXitp3NgcqIelHS3m61x4xvmIXQ9Ck1oOTwQJf5ir3d90Aj8l49mTwsuUDeX4ndb9X94aWg-NLa2p3bOF-ZZzfiMtmf_8in4nQWIVERlQPaKEArC6vgpjPpE0REVhcj3IkTdPJsP9I_vRFRPpZdHD-TJGDqo2_J1jaXIhv2qTMXnjeV-DNnIJl-cwFxYWWHQo8WD7aoeI1fyiE7PSPxCBLMaOAku5F6Q05qH684X3RK58etMRo_DR1YPxnKWv3ryMqrGrR2FXEcRLFVfeKSmGkqymkDylGqwLEeGpx_WtGnSZMC9TNeirW8l3nAzhzek0nqSZZ_2jKI9_2bLGVWcUtH6eD0qVWnz0bZULb6CCD5NtyJFFxUBeIhRzCxF8Wo9D26hxOPA06E_HQqDxPSo2_6ooP11oMUYQ5BjqOLRsvmZdmexLWIrR0vAT73lTD_U6LfLGJeLPRU3BbyUW9aydWKkHrG9jkwKr9XVX2LnsOTiBnodGhjnrT3tiRZq3NS5LxoqO_ygva3T5vFE1pqpX1GELbXRNXe6HUuQ3MIoAI6wesBnBEkC2_KmPMPRLTuQVzT9Pk3CGuiU4AHgxp4cMouM2N5gkOWDx-2BA6MiSmlE7nb-k14Nx2aixvy0aPZgrZpu0tf-f_iTCLp9RBQevlTULlOrP1BniRWr6gmlM9n60DRTHw4Vt29KTux2z2spTtypG-SktqCGB5s9tnWdUUprWP1Ly0WyNH4jlO-hxBuam3i7KlVqTwOwCZKS-RaQ8EEuB0ht7MQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8C3 42 B
174 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssihyk6dZQPx5vNnI_UyFBkIRS9WS7KrxST_bS7xf7U3b7ACBrW0kjZTuiyIbMDJPe4OBpw0UUQOIE1AKwcGlh7XbzaLy1qwMI9HobvR5dOCx7mQkzXug&sig=Cg0ArKJSzDcnjwQ2QSL1EAE&id=lidar2&mcvt=1001&p=1160,435,1250,1163&mtos=717,917,1001,1011,1011&tos=717,200,84,10,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702279120601&rpt=182&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
502 B 130ms
130ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-Ttrweary-wwaw-PTtr-qrAq-eATtUMYwYYetRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:18:41 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 07:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOuP8pw1yTMR%2BQYaCi84gDi8OL9AxNn0%2FQCNtQwqfosrB5dm%2B7dGATtX5cTquzqtkI%2F6AecH8M%2B%2FRBewzekxpf2wL8y5bnClV8BqLAEAw1IUih0yIRMBhxqv9Sow0q2rXPzo9h4J2Uu9VMXasgUmJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 833bf47f4e103730-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

200

c.gif
www.bing.com/aes/ Frame F8C3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=42f18213-eefc-4bcf-bccf-05bda5f0350c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=307da587-68a8-4bef...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ff2e1df44ce4e0690fd140525eb74d7&tids=15000&med=10

0
18 B

53ms
53ms

Image
text/plain

2a02:26f0:3500:1b::1724:a38e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ff2e1df44ce4e0690fd140525eb74d7&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a38e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2781BB8E379C49EBAD3EA12C9720A91F Ref B: FRAEDGE1719 Ref C: 2023-12-11T07:18:41Z
x-cdn-traceid: 0.8ea12417.1702279121.52ee6f57
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 07:18:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 498E7998AB90417FAC97962048B13A52 Ref B: FRA31EDGE0512 Ref C: 2023-12-11T07:18:41Z
x-cdn-traceid: 0.8ea12417.1702279121.52ee6ee4
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2ff2e1df44ce4e0690fd140525eb74d7&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame F8C3 0
580 B 22ms
21ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FWH5LQFj&e=wqT_3QKWB-iWAwAAAwDWAAUBCNDv2qsGEM2GxeXWjPLoFxgAKjYJ8qQqzow6oz8RU2Jdc4C-oj8ZAAAAoEfhyj8hUw0SACkRJMgxAAAAIIXrsT8wlTY4tQFAtV5I4wNQuomKtgFY0ccBYABoqTF4-PEFgAEBigEDVVNEkgEBBvBYmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAmbqAhZodHRwczovL2liYi5jby9XSDVMUUZqgAMAiAMBkAMAmAMJoAMBqgOrAwrBAmgNLPCGd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTMwN2RhNTg3LTY4YTgtNGJlZi05YTIwLWIyMDJjYWEzODE1YSZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuGVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AM45xAKhydHlwZT1udXJsJnRhZ0lkPTY5MzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfc3l2dHVncnFfYTJxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTcxNjM3MzI3MDk0NTY3ODE1NyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekk0TkRJNU56Z3hOVGczT1RVak1qTXlORFkwTWpRMU9UUTNOak14Tnc9PcAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWD9ovEqtPuky_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXMmg_6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAANPwGLZOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQmo4AcA6gcCCADwB5P5A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fee3c1dbdd310cd9cbd669db4f39b230fd024fa9&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=4400521381769888868&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6933&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 07:18:42 GMT
an-x-request-uuid: bdb88645-66f9-45ab-bdd1-4a53df9e8084
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
URL: https://c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.protoawe.com/	1970-01-20 17:34:31	Name: psui Value: fc86a6f77e4b6ce03290be211cf49edf
.mgid.com/	1970-01-20 16:51:20	Name: __cf_bm Value: ILX9DV2Jcer9wBuhdLF_uPEIN.KwJaOwf7RpI2cyhn8-1702279119-0-AVjrbz+bzXLAQ0Jy05K67H4rXgSa/YfFf8L/DOQcKpyFUUa5m4M3Ic298LtqsntGhKaiUZDn98dDdazDUJEF/ZE=
ibb.co/	1970-01-20 18:17:43	Name: __ppIdCC Value: ivv_xo2179667.11.88.
.ibb.co/	1970-01-20 17:31:38	Name: sharedid Value: e2c921b2-41e5-4379-ba80-5839a0527e2e
.ibb.co/	1970-01-20 17:31:38	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.criteo.com/	1970-01-21 02:12:55	Name: uid Value: e106ecdc-3180-4f2d-a463-a3852b3d3e31
.criteo.com/	1970-01-21 02:12:55	Name: receive-cookie-deprecation Value: 1
.ibb.co/	1970-01-21 02:12:55	Name: cto_bundle Value: Ex1cSV90YmYwMkkxNWVnMWdsWUVFVUJEMWhnRk94aSUyRjdiaGFkZktUc21tUWs0MnNzcnlLV2kxZmFEQ0praHpSdXYxVnNBTEhoYUhvWTdMSzRvYklaJTJCMyUyQndoeFBJbzQ0QmViVnAxTkQxN3VFTTdDSW1TeU9yVU9xaEFIaWNJS2ZHcHNpTldBbE5xeGtCRzV1R3FKNFo4V1J2RHclM0QlM0Q
.ibb.co/	1970-01-21 02:12:55	Name: __gads Value: ID=d2fea3cbe1884ab9:T=1702279120:RT=1702279120:S=ALNI_MZutGG7px00_cfqm87Y4PMmwJPeBA
.ibb.co/	1970-01-21 02:12:55	Name: __gpi Value: UID=00000d1371dfc94f:T=1702279120:RT=1702279120:S=ALNI_Ma668VvARYt7zwVQMvwH75gLP2iCA
.bing.com/	1970-01-21 02:12:55	Name: MUID Value: 2908F02193E4686D0C7FE3C592E4694E
.doubleclick.net/	1970-01-21 02:12:55	Name: IDE Value: AHWqTUmuR5ccamAVh4HVNB5dcYenpR63Skg0T80CGPvZ95r3L8p0hY_x4xbtST4lX8Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adsdk.microsoft.com
adsystem.pocpoc.io
ams3-ib.adnxs.com
assets.vlitag.com
c.amazon-adsystem.com
c.usefulcontentsites.com
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cm.mgid.com
config.aps.amazon-adsystem.com
dsp.vlitag.com
fonts.googleapis.com
fonts.gstatic.com
galleryn2.vcmdiawe.com
galleryn3.vcmdiawe.com
gum.criteo.com
i.ibb.co
ibb.co
id5-sync.com
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.vlitag.com
mug.criteo.com
odb.outbrain.com
pagead2.googlesyndication.com
pt-static1.awepsljan.com
pt-static3.awepsljan.com
pt-static4.awepsljan.com
pt-static5.awepsljan.com
pt.protoawe.com
px.pocpoc.io
px.vliplatform.com
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
static.criteo.net
static.vliplatform.com
tpc.googlesyndication.com
widgets.outbrain.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
c5e39ac91de2ad8f710b6bb01a006177.safeframe.googlesyndication.com
13.32.22.213
146.75.118.132
162.19.138.117
162.19.58.157
18.239.64.29
185.89.210.153
2.18.161.178
2.19.244.218
2.19.245.134
213.174.132.224
2606:4700:10::6816:3556
2606:4700:10::6816:3ac7
2606:4700:1::6813:854c
2606:4700:20::681a:ea7
2606:4700:20::ac43:4b40
2606:4700:3032::ac43:83fb
2606:4700:3037::ac43:9e3b
2606:4700::6810:5514
2620:1ec:46::45
2a00:1450:4001:23::a
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:1b::1724:a38e
2a06:98c1:3121::3
70.42.32.63
93.93.51.190
93.93.51.191
93.93.51.200
99.86.4.39
0025ee230b186cf9d87269bb59f59dea577de89dcd1026aeb3b7c6b5d6e8e1c7
00b2dfbe4066902157f564d031dc83ef612e228247de79fc43181598ecb5f16a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089eb8245e3b54ba7ec782bf62126667c21b7d050e5fe8a50c3c221969eed9fd
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c992fd00b4e07e48a9aa9c345a706a78783e9db2344a873187d0d54b044ce67
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d48c5108f26317d2b7b537c0a59d717a48d9c91d5938188c266ec884f522705
2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36d43acc4e1e01e4decfafce0a71875b76f00724cb836ed8957f0f2fff22fd91
3839aa4adfaef2648ff2d729a01e02a240277feb5cf11a29e6f1be16165b3fd9
395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade
39ad9af61b05dd96903647c297c5486ff4a8924df0c9073f6828994f268a7202
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4791043221b68d0405ffd236de8304d44b0fef042f0d9087e86f363c86971896
4883205d54fe1aab104eb7b25a2309ced437ac482c2db2e0580921696b8c24ae
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51f225019c0693f0484dc04b2570bec54773423c97a2f4b7ff6378e457d8d3b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ca7bb3012f6b20f0e1d1cabbb01135f09919a74b4c8035b4d8f122987429d3a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b6c7693c102386c9ade23b6bd66748603cc14f4666d507a45e7cb3a5755f0c
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6873b6283618b5566d46946a8346018f75834560e07c6c041fd35c5482aac982
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7518709dc620fc56e3318bd2cd4c9d4895afd950916f40201d63442aa4bd1c5b
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9
9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b99ba83b909ac23a5f68054122ddba7cf82da18de370731899546f24104b5247
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
c0fddcccf39ea7aba5f4a79ad038df3b64aae55936217e31bdbe6379c96f9106
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c8d7e8de674f8d083eaa5c822b7c51aa055767dd7673e8e4f33bb9a5fd053f16
cf0490b4b021c6d98aa66e8bc00e4d1e5dd121abb9cd7c472f6e9ec66e825775
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
d38619a36961d91bd068ca42573331e3cc6331bdb22ce946083f584163d0639a
d66673d789efa519d934345d72e1f9c6b4c57d6269032f124cfe65bb419b9340
da11fea14aa373ea068726762d9842ac4129e659d436ae4f34b71db803046e3b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6206894a90422702868d2569c44a230a128e12c714535c82f2630fd92d6d15
e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65
e24bd806e3ac18f6b8cc61bbcd7a899ef8de8c91f85840f4ab4ad0eb97cb1204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5
eec443d0e659b9c8560f637392aa4682c448b1a19db1a6c7af7c6b84f2180221
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43bd1b6da2e4b792b3f33c44444e2938b45ed56e4ebd259cfa037ed48289249
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f9d445913021603e0270624f1e21608691108c3a856a6963f3edb0244445dddb
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

ibb.co Open in urlscan Pro 213.174.132.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

95 %HTTPS

63 %IPv6

29 Domains

52 Subdomains

41 IPs

4 Countries

2971 kBTransfer

6911 kBSize

12 Cookies

10 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

95 %
HTTPS

63 %
IPv6

29
Domains

52
Subdomains

41
IPs

4
Countries

2971 kB
Transfer

6911 kB
Size

12
Cookies

124 HTTP transactions
1 data transactions