ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ibb.co/54SqStp
Effective URL:
https://ibb.co/54SqStp
Submission: On December 10 via manual (December 10th 2023, 4:57:23 am UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 26 domains to perform 111 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 11877.
TLS certificate: Issued by R3 on December 9th 2023. Valid for: 3 months.

This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:10:... 2606:4700:10::6816:3bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.58.160 162.19.58.160	16276 (OVH) (OVH)
3	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:1::... 2606:4700:1::6813:834c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700:303... 2606:4700:3030::6815:5286	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:2::7	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ea7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:fa7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
2	2.19.106.209 2.19.106.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
111	37

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6816:3bc7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.58.160 (France)

ASN16276 (OVH, FR)
PTR: ns3096649.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt.protoawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static5.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static4.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static1.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn2.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn3.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn0.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3030::6815:5286 (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:2::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ea7 (United States)

ASN13335 (CLOUDFLARENET, US)

adsystem.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fa7 (United States)

ASN13335 (CLOUDFLARENET, US)

px.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.106.209 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-106-209.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	76 KB
14	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 40308 assets.vlitag.com — Cisco Umbrella Rank: 49048 media.vlitag.com — Cisco Umbrella Rank: 79301 dsp.vlitag.com — Cisco Umbrella Rank: 63386	1 MB
13	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 35885 static.vliplatform.com — Cisco Umbrella Rank: 99516	13 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	72 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	222 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 207329	139 KB
4	outbrain.com odb.outbrain.com — Cisco Umbrella Rank: 4021 widgets.outbrain.com — Cisco Umbrella Rank: 2138 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7106	9 KB
4	vcmdiawe.com galleryn2.vcmdiawe.com — Cisco Umbrella Rank: 35425 galleryn3.vcmdiawe.com — Cisco Umbrella Rank: 34552 galleryn0.vcmdiawe.com — Cisco Umbrella Rank: 34465	121 KB
4	awepsljan.com pt-static5.awepsljan.com pt-static4.awepsljan.com pt-static3.awepsljan.com pt-static1.awepsljan.com	122 KB
4	gstatic.com fonts.gstatic.com	94 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	protoawe.com pt.protoawe.com	9 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	128 KB
3	ibb.co ibb.co — Cisco Umbrella Rank: 11877 i.ibb.co — Cisco Umbrella Rank: 12045	702 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2858 log.outbrainimg.com — Cisco Umbrella Rank: 3044	8 KB
2	pocpoc.io adsystem.pocpoc.io — Cisco Umbrella Rank: 59400 px.pocpoc.io — Cisco Umbrella Rank: 61081	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1163 r2---sn-5hnekn7k.googlevideo.com — Cisco Umbrella Rank: 680656	959 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	159 KB
2	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 137705 c.usefulcontentsites.com — Cisco Umbrella Rank: 65158	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1303	413 B
111	26

	Domain	Requested by
12	px.vliplatform.com	ibb.co
8	assets.vlitag.com	services.vlitag.com ibb.co
7	tpc.googlesyndication.com	f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net ibb.co
5	pagead2.googlesyndication.com	ibb.co securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
5	simgbb.com	ibb.co simgbb.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	fonts.gstatic.com	fonts.googleapis.com
4	services.vlitag.com	ibb.co services.vlitag.com
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	pt.protoawe.com	ibb.co
2	widgets.outbrain.com	ibb.co
2	gum.criteo.com	1 redirects static.criteo.net
2	f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	assets.vlitag.com securepubads.g.doubleclick.net
2	galleryn2.vcmdiawe.com	pt.protoawe.com
2	www.googletagmanager.com	pt.protoawe.com www.googletagmanager.com
2	i.ibb.co	ibb.co
2	fonts.googleapis.com	ibb.co f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	c.usefulcontentsites.com
1	log.outbrainimg.com	ibb.co
1	mcdp-nydc1.outbrain.com	ibb.co
1	images.outbrainimg.com	ibb.co
1	odb.outbrain.com	static.vliplatform.com
1	static.vliplatform.com	dsp.vlitag.com
1	px.pocpoc.io	ibb.co
1	adsystem.pocpoc.io	dsp.vlitag.com
1	dsp.vlitag.com	services.vlitag.com
1	www.google-analytics.com	www.googletagmanager.com
1	mug.criteo.com	ibb.co
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	r2---sn-5hnekn7k.googlevideo.com	ibb.co
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cm.mgid.com	cdn.usefulcontentsites.com
1	imasdk.googleapis.com	services.vlitag.com
1	galleryn0.vcmdiawe.com	pt.protoawe.com
1	galleryn3.vcmdiawe.com	pt.protoawe.com
1	pt-static1.awepsljan.com	pt.protoawe.com
1	pt-static3.awepsljan.com	pt.protoawe.com
1	pt-static4.awepsljan.com	pt.protoawe.com
1	pt-static5.awepsljan.com	pt.protoawe.com
1	cdn.usefulcontentsites.com	ibb.co
1	ibb.co
111	49

This site contains links to these domains. Also see Links.

Domain
undefined
imgbb.com
api.imgbb.com
i.ibb.co

Subject Issuer	Validity	Valid
ibb.co R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
pt.aweproto.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pt-static1.awepsljan.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vcmdiawe.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
pocpoc.io GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.outbrain.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ibb.co/54SqStp
Frame ID: 0CFA8BF31E8434B6BAADE9630907E249
Requests: 62 HTTP requests in this frame

Frame: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Frame ID: A913B740FC05CAF923A3D4F0D2B2F862
Requests: 13 HTTP requests in this frame

Frame: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B0C7551DB5FE6556BF7259BB2D9AC0C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
Frame ID: 6F15EFE741378A23791689595E382CC1
Requests: 2 HTTP requests in this frame

Frame: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 451073BC2E3F08EF92105E6CCD719ABD
Requests: 1 HTTP requests in this frame

Frame: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1091BB162F9498681AC6C89EFDB61923
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: D44FC874D556E133F88286FE033A430A
Requests: 7 HTTP requests in this frame

Frame: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5924F3300EC0DE0288155AB6DB093E3
Requests: 17 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: EFE4DC7BAAF755B70C7E2E8FA3D82050
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AA95E23883A1C9CB293D041FBF16A89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B44DDDA7E65254907B3B1D238E04615
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

20231116-184317 hosted at ImgBB — ImgBB

Page URL History Show full URLs

http://ibb.co/54SqStp HTTP 307
https://ibb.co/54SqStp Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

111
Requests

96 %
HTTPS

65 %
IPv6

26
Domains

49
Subdomains

37
IPs

5
Countries

3098 kB
Transfer

6697 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=ibb.co
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://imgbb.com/

Search URL Search Domain Scan URL

URL: https://imgbb.com/plugin
Title: Plugin

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://imgbb.com/tos
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://imgbb.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://imgbb.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://imgbb.com/upload
Title: Hochladen

Search URL Search Domain Scan URL

URL: https://imgbb.com/login
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://i.ibb.co/NCJwJQD/20231116-184317.jpg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ibb.co/54SqStp HTTP 307
https://ibb.co/54SqStp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9f46IEfuQ5W7TY79vbfwnRAMKpWYQ8OKuTv_J0w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=NNrnjqjsYpTYbo8njkvoQh4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1702181247&fvip=3&fexp=24007246&c=WEB&txp=6219224&n=DboN9FmKyXZWP-J7_&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAOyblWyU3-07-c_EoO04g0SMxVcf00kBVfmhLDaovofqAiBzW6K7P7ITZ6dlO4-loDqgBpnYlMw_vf7yV1YmWDemzQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRAIgN4rcBmIDv3SZKAzGmbCY4rgpF-fCNSNi_4juUsXL_EkCIFkuyrKWROSSj11mOO_ktzLR0SJJ5eui26SleDRAlQdL HTTP 302
https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f46IEfuQ5W7TY79vbfwnRAMKpWYQ8OKuTv_J0w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=NNrnjqjsYpTYbo8njkvoQh4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=DboN9FmKyXZWP-J7_&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAOyblWyU3-07-c_EoO04g0SMxVcf00kBVfmhLDaovofqAiBzW6K7P7ITZ6dlO4-loDqgBpnYlMw_vf7yV1YmWDemzQ%3D%3D&cms_redirect=yes&mh=d6&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hnekn7k&ms=au&mt=1702183966&mv=m&mvi=2&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgNYdH2nJAKSWV91-PLJOzIJnktPt_vEXi8EQBJU9M228CICxqJ2M_3LfN2kw1_qlr3Sun6UTJQCyHUYZCYE9R-_6I

Request Chain 67

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=vEbq2nxEUTdnM00vVi90c1lrQ2N5cnkvVEJ2akxmT0ZOaGRNQ2djYmRCenlFNGdHYXNOQTQzUjR1U0JrR3NyZmt4dzNKUW5ZRytMK1duS21UbTRWNURqV3A4YlI3QnNSbXhPb25mU2RrZ2pNTi93UHJKTlNjUkZtbXZhOEppZWZGVGVLdzRrcElpeE42MWtadUp6V3RjSk9Nb0dWaytxaUNQUit0MDF6RmkxTERBMnU4dnlPck5ma0ljRGlwYXVETTBxV3ZEdnFmcGhhTitBYlFNVmRDN1JYdUxBeG1WNUY5amUySjZMdURwQUk2RXNVWDR6cHlRU1lmbjJZRXZLblFCUzkvUEd6L29KVHZPWDBOSi9UK0hpWG5vUT09fA&cppv=2

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 54SqStp Show response
ibb.co/
Redirect Chain

http://ibb.co/54SqStp
https://ibb.co/54SqStp

23 KB
7 KB

316ms
118ms

Document
text/html

213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/54SqStp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c3b459c54ecd9f262e2f6f0ea633d1da499ecfe68fb1ff3ec126be0f3bf0b7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 04:57:17 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://ibb.co/54SqStp
Non-Authoritative-Reason: HSTS

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 171ms
62ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/54SqStp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 04:32:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 04:57:17 GMT

GET
H2 200 ibb.css
simgbb.com/2801/ 115 KB
26 KB 71ms
23ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5727
etag: W/"65745f1d-1cd5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYGFW2b%2Fw%2BOdwIL%2BkGHahH2md%2Bu%2FYkWAA39ZWs4jKiVyaPBWsgzDPEbFHz1dXvvCzxEyU4lf2B7SQKlPldCKl7cpQmPWci6dUG%2F4kDqMSUKgMJUoJpgcFHrRN1HBZIpbQn2xyRC17PFf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8332e7fc9c523602-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js Show response
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 514ms
175ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-id: sv5-hw-edge-gc25
date: Sun, 10 Dec 2023 04:57:18 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MC50XWEDHTKF6HAN
age: 1718
x-cached-since: 2023-11-30T10:03:03+00:00
x-id-fe: sv5-hw-edge-gc25
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +qKDcVrAgX8N1ma1g9T6mV87lnUfREHaEIDNLO3ak6CUuymPuyWceVmAIWKrq5N0KLKa/mtSVxU=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMwT6ZzHbPhBpch%2FAEfBUlsUYfKDFgFOvI3RUgErES%2BbjPe7qXauzH%2FWQj2dsDXWlN9gNbrEOQ%2FZpx2%2FSbrz7SaZYnYGU5OeQQ%2BIhuEJER8rArAq2emd034veQ%2F%2BxM8l0I2z233Fg%2BcpSQUASjMdEIDdOUGF7CT%2B3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: STALE
cf-ray: 8332e7ff8dc467cb-SJC

GET
H2 200 / Show response
services.vlitag.com/adv1/ 573 KB
147 KB 78ms
31ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da11fea14aa373ea068726762d9842ac4129e659d436ae4f34b71db803046e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 34
cf-polished: origSize=586945
etag: W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-12-07T22:46:21 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e7fdaa13380f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 23ms
18ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5642
etag: "65745f1d-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiHUzH9yxd53wdasFW4lg5chYB1GBu15ILdLRkGoc6KtfpFtOKGpNyTtlKsFxgeuf9JP%2FtUbqRkc6r8mSIfQYyVhkjshnnmxVmHeBtd5uBk%2BL30M%2FS3VyugUiJ5MkR%2FlHQMC4c9wf3S%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8332e7fd6cce3602-FRA
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 20231116-184317.jpg
i.ibb.co/vqT2Tgy/ 105 KB
105 KB 60ms
17ms Image
image/jpeg 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/vqT2Tgy/20231116-184317.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: e752832f4652b23f34221e9684fd64d7538cd8f2c1b53a492ea9ba367cd1418c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
last-modified: Sun, 10 Dec 2023 04:14:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 107124
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script Show response
pt.protoawe.com/cifra/ 2 KB
2 KB 74ms
31ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
cache-control: no-cache
x-ud-id: sdHoz/9pT
server: unknown
x-cache-status: R-EXPIRED
content-type: application/javascript

GET
H2 200 jquery2.js Show response
simgbb.com/2801/ 114 KB
41 KB 28ms
23ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/jquery2.js
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5408
etag: W/"65745f1d-1c65d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5%2F1tOw7MPnrtZyrhZTAH3aEJLZHMyn9KX%2BsB017XWSqCSxE68Keonl8%2Fs3Hp9%2BDwfcnu4vDLQRyvfBj7JUeoqa90yAWCRmTrCrnRsadI%2FfrGHI8PtPccV4qOgNJ45KXzHwkKzyG5u14"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8332e7fd6ccf3602-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/2801/ 215 KB
62 KB 30ms
25ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.js
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5727
etag: W/"65745f1d-35a95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGLi3iViy%2BNs%2BZZe7yyQJUhZ4X%2FT6kjNPbnaVZbBnkYHQGNl6572MoJNNiwdjos%2F38%2F7ndmROZ06N9KhEhnh4%2BSE5S0hvUFfe2XkVAOawKvT%2B4exDZRTdw3WHumpWEdjr72xx9EBUIZn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8332e7fd6cd03602-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cifra Show response
pt.protoawe.com/ Frame A913 28 KB
7 KB 49ms
10ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 75ddc6d9d2c549c62524a182bc3326311a6aedaeb3a4bd726db370f41aff22c2

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 04:56:41 GMT
server: unknown
vary: Accept-Encoding
x-cache-status: R-HIT
x-ud-id: F2XK6/pDn

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 50ms
19ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/2801/ibb.css
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4967
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Sat, 09 Dec 2023 12:35:41 GMT
server: cloudflare
etag: "65745f1d-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhLMgZKEzCC%2FnE6Ot4CNM%2FIubmg2L93y9jJ4w0mPdDoP53LKfLMdM%2Bf4B0aRpN67O%2Fbsji8Kxqvn997SNVE%2FHSWXld76Bfg5qcjpp9etdxTDwKH4h4DNLzXKfkm86oUkCo5R9TxgV%2FpR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8332e7fd9e073673-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 179ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ibb.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:08:30 GMT
x-content-type-options: nosniff
age: 143327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 13:08:30 GMT

GET
H2 200 20231116-184317.jpg
i.ibb.co/NCJwJQD/ 589 KB
590 KB 18ms
18ms Image
image/jpeg 162.19.58.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/NCJwJQD/20231116-184317.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096649.ip-162-19-58.eu
Software: nginx /
Resource Hash: e28415c44976c45ebd859cec7a9c93561bcd81e696652db69ff2151949865c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
last-modified: Sun, 10 Dec 2023 04:14:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 602965
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 di.min-v715370.js Show response
pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame A913 3 KB
2 KB 46ms
8ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:18 GMT
server: unknown
etag: W/"6572f21a-d47"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 advertisement-v715370.js Show response
pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame A913 21 B
277 B 44ms
6ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Sun, 10 Dec 2023 04:57:17 GMT
last-modified: Fri, 08 Dec 2023 10:38:18 GMT
server: unknown
etag: "6572f21a-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 cifra-v715370.css
pt-static3.awepsljan.com/npe/cifra/styles/ Frame A913 18 KB
4 KB 35ms
6ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.awepsljan.com/npe/cifra/styles/cifra-v715370.css
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 089eb8245e3b54ba7ec782bf62126667c21b7d050e5fe8a50c3c221969eed9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:19 GMT
server: unknown
etag: W/"6572f21b-4645"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 cifrafk-v715370.js Show response
pt-static1.awepsljan.com/npe/cifra/script/ Frame A913 324 KB
116 KB 39ms
6ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.awepsljan.com/npe/cifra/script/cifrafk-v715370.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cdn-node: defra
date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 10:38:19 GMT
server: unknown
etag: W/"6572f21b-50e9f"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A913 230 KB
77 KB 863ms
754ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a04091bb8479d9ddcef48a5c816dc7ac84fab47ba0d7028c289d8ff76f4a9048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78649
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 04:57:18 GMT

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/cli/ 42 B
357 B 181ms
151ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e4f9980a062336a13489cd63e91b7053f19b1999dd1fd11160e91c6ee2cafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:17 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e7fe4cd1190b-FRA
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a4ad972b194a2fe049aac08a8dc65be2_glamour_460x345.jpg
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/ Frame A913 33 KB
33 KB 42ms
16ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/a4ad972b194a2fe049aac08a8dc65be2_glamour_460x345.jpg?cno=b7e0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

5231e76151c35cc82203824656c357d03e674e6348ad706a9823d11b36fc3e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
x-content-type-options: nosniff
x-cache-status: R-MISS
x-cache-source: Origin
content-length: 33668
x-cdn-node: defra
last-modified: Tue, 21 Nov 2023 16:25:30 GMT
server: unknown
etag: "569c5821141f2570c31547c329b06fd9"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 af9929b9d100851b04fbb110291e5e24_glamour_460x345.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/ Frame A913 15 KB
16 KB 33ms
8ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1a/af9929b9d100851b04fbb110291e5e24_glamour_460x345.jpg?cno=f5d5

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

c93010a2d7bf6f81bcedbf39d7fd74a4780fe8c3decba718d9ff4b0fe08fa75d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 15531
x-cdn-node: defra
last-modified: Mon, 27 Nov 2023 03:06:27 GMT
server: unknown
etag: "3005ffa8812d9a228bea712043083121"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 de1f3a7ba2ab44d3d2e1a4c5fa2f71b9_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame A913 55 KB
56 KB 29ms
8ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/de1f3a7ba2ab44d3d2e1a4c5fa2f71b9_glamour_460x345.jpg?cno=25b9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

5207d08d5dd848aaeebe673a7bb88197615d6f1dbe4d1200e44fc8474c7c66ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 56531
x-cdn-node: defra
last-modified: Wed, 06 Dec 2023 14:26:16 GMT
server: unknown
etag: "931feb0095b5e83ec2cf42042559e4e9"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H2 200 14a1ee30cd984421a81bf6e428b68a66_glamour_460x345.jpg
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame A913 16 KB
16 KB 33ms
7ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/14a1ee30cd984421a81bf6e428b68a66_glamour_460x345.jpg?cno=e127

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

9b93fc8aee6f502da201af2459e66574e544d66c73c70772680a3b9619539b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 16488
x-cdn-node: defra
last-modified: Mon, 04 Dec 2023 05:54:41 GMT
server: unknown
etag: "f9fb3cf1fbb96d75fa19091d43d58a5f"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Sun, 24 Dec 2023 04:57:17 GMT

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1702130222/ 13 B
265 B 147ms
147ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1702130222/vl.json?page_url=https%3A%2F%2Fibb.co%2F54SqStp
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Dec 2023 04:19:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e7ff4d71190b-FRA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/obj/1702130222/ 44 KB
5 KB 23ms
22ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1702130222/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54991e96f555b235bce7efd9505c3f04bd2e0b7711059eb075315f22ce206bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 13:57:21 GMT
server: cloudflare
age: 53930
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e7ff4d72190b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 48ms
30ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 8010
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 8332e7ff8bb2380f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 09:19:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 231ms
115ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c8495a624e981dd104c183455dd71486d9431980e86fb23258d49898f0cb609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30058
x-xss-protection: 0
server: cafe
etag: 103 / 19701 / 31079991 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 04:57:18 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 210ms
89ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Sun, 10 Dec 2023 04:57:18 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 39ms
22ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 8028
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 8332e7ff8bb1380f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 09 Nov 2023 16:40:48 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 60ms
7ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:23:52 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2007
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ZNVKNIyZi262CG-afrl6ijFWEJua_05Me4HAFfcOBuTP5omXhRjaqQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 04:36:48 GMT
x-amz-cf-pop: FRA56-P6
age: 1232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 7NDeGLHMQVWWXPxfU2XwmJ15BzUQDwH-SsspBK4p4pfzR12xHIhVKw==

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 0
413 B 59ms
26ms Script
application/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/js-cookie-muidn

Requested by

Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8332e8005c80bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29695
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:42:23 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
801 B 36ms
7ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:15:50 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2488
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: BRBrsamHAvrcBN0Cd5yeqjGg11kXszQg__xcaoLSPjN8YXre2sRfiw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 7ms
7ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:51:40 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 3938
x-cache: Hit from cloudfront
access-control-allow-origin: https://ibb.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: pJPvIKpHCeYxHmwvYe4apNosVveOFcU9zdJHX2yufPo8QHmrVsx_Ng==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 29ms
14ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231210

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e74b74a183216726aec22173ae44d22a759dc1eef72dd6769ce5bf0c712016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3386
x-jsd-version: 1.0.1899
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-cePlx2+0bxas8f1IYFeY0Ke1v9A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIIZawpYVXdnb5CdgyHN7ulF%2Bc32zsduGvu7gES0qP7gXI7y5NxP3dWs8ktx78C3czyfINhpIxc%2B56vvM3OsOiPZngafyhex78vIdf3Scndhdllg5xtYcUK6o2Yw2SvDgY0eyRBjVwfDxtmi6fY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8332e801fb769019-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 58 B
493 B 103ms
43ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2F54SqStp&pid=7h8gswqBcx1XJ&cb=0&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: ZVZMJTTPM8B8R4EJCK9E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 58
x-amz-cf-id: 3AZUbLKUpbydBDV3zYUrwfBCvsTMbTUD1RYW3aFpS2Z-VS60SujFeQ==

GET
H2 200 tf-v1.jpeg
px.vliplatform.com/ 0
272 B 166ms
133ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeyZwatea-wtaK-PePr-qrTZ-aMrYKewaqqBPRzyzNhqut_cotvRws0NA
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxFhh1opUeY7Elz4S6OD7CTbTsCkHxf%2FwXHp8ZCkvzTn1pPnp7iD%2F505Yzqo4qOw8t62aqNRP9YaenasD7%2BDy5JoHumWc%2BgpTv6uuDPFo3L2kt0m4py%2Ba%2FbwQL3YKcfi4oOjUA0hmxRRjqllkd6d8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0d18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
275 B 162ms
129ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAeaZTBTa-qUtt-PZPK-MZMY-yMYaBKYeTytKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tXx6%2BMqISkS3ALYC2TJwzsv%2Bp%2BIOMOmO3sGxrMG7FQSHf04m8bWF%2BAhrvmGOilEwnGxrFJ4ubYC6nxvwiVJwoSRbl3yxkjRTWc%2Flu%2FQgJ17oTn7vjDMPjskbUzXN64UV05NvguFVWMniMAgPuQ7hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0c18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 165ms
132ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYwUPUZPr-PKYq-PKPM-aPTM-PaeqtATAyeMTRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHGOzFVDcCA5LjLaCwxXUs%2BKiFog%2FeBZzJEXwFy3q3gtic11VnHKVFwr8ujsM5i9QpbCpasjAVnkrojS2vahUbiq2qgQASYKhMBZwjBt3Vd4ITIPxWkUrUJ9xQ7XyC4IYWCTxgWXRFGluBBmDAvrAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0f18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 105ms
49ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2F54SqStp&pid=7h8gswqBcx1XJ&cb=1&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: V3AKYMCW7DCR2RA74973
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dUnQ-utG5Nu2V-3WnkwRC7sPZDEWAoCMT6xEhhcju7LctUwOfzf-hQ==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
527 B 158ms
128ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKTtTrMUa-ayMt-PYyU-aqAA-eaZKwPyUtywwRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xeyf15CbF4BDhZ%2Fmv04F1NKlXhKsm%2BqCBePA4pFByfTBi6rSfnCXD6ds%2BqwMbaz6jSHW5FcZfsmqdB5YXaIcD7fTUsCLSPsCZOXYjPV%2BQyFobdbkyqK06o7RgcSNZ9X0Ydtrswz8ZzVqzHxeX6hifA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0718e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 96ms
44ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2F54SqStp&pid=7h8gswqBcx1XJ&cb=2&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: Q580SZ1MASFA7KF93A4J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BvJfd9TP1cIqRYbB_wrtYWrdIB64dPsHgl5kF9kHKNZ6-wY2X3kOhg==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
268 B 155ms
130ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaZPtwKTA-PYaA-PeMU-wrMq-wAYrKAryTqYTRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Bz7Fa5xNYBZ2PLb%2FaC2rTLim5gW35WjWza487N3Fj0yjQRMS6Xgr%2B99lkfeJ6vi0J0TL5rYuOTVxeh5pHuPUCYZ20Mo2pzAgBWbvb157XPe1CmKscoGCf38eo7fLviXM7cdwud0%2B24p6saPXegSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0918e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
277 B 159ms
134ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyKAqBtqA-Ztae-PZTt-MtrU-ttAtMUUtTKZrRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV5OhwCCt0NCy4YCayhdMF36WF8%2BEAOaTBFM%2F7mWctygOc3%2FwPoHa1%2F5Pvd%2FRPMkg13dkr%2BDHfNOBBbJJbUaweOCaTFy%2Ffdio7wSk%2FolMiE134XNQBG7mPN14bW4%2FLaQaFeM69YjVVtkdTN8Wz0KBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0a18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 134ms
104ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2F54SqStp&pid=7h8gswqBcx1XJ&cb=3&ws=1600x1200&v=23.1129.2055&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: FCMBYPFJJE9DBCGD0VVX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: mmWQGVT9YtHrvaf5Vw1b4hGVr3KN2Jk4K7x9qrR_UK-XQcVIZlMdKA==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 27ms
25ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 949859
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d3a380f-FRA
expires: Tue, 21 Nov 2023 21:34:52 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 29ms
28ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 2590067
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d3b380f-FRA
expires: Sat, 04 Nov 2023 08:20:28 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 21ms
20ms Image
image/jpeg 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 8023
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d3c380f-FRA
expires: Thu, 30 Nov 2023 13:45:51 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 27ms
26ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 2425833
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d3d380f-FRA
expires: Thu, 09 Nov 2023 23:32:52 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 23ms
23ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 783003
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d3e380f-FRA
expires: Thu, 30 Nov 2023 10:06:37 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 27ms
27ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: HIT
age: 2327423
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8332e8022d40380f-FRA
expires: Sat, 11 Nov 2023 13:09:07 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 134ms
133ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrMUareyK-wywy-Pyrw-wPwr-ttYaPayAeKUqRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b2GT2uGedgqH7CaduNA%2BKW1zsJAhhRs9X9l1mtyklDs4rSquVFmPzKrIHzH6Fwq6ogoI0hsyBFpS6cq0EqJ9rRHJTavSs6psIEs2wTDWzGMdZgqL8WGQ%2FqPZJWSlIXpgV16lt2HbGG9g%2FLoAmml%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8022b0818e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

206

videoplayback
r2---sn-5hnekn7k.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requiressl=y...
https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requir...

296 KB
0

166ms
33ms

Media
video/mp4

2a00:1450:400e:2::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f46IEfuQ5W7TY79vbfwnRAMKpWYQ8OKuTv_J0w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=NNrnjqjsYpTYbo8njkvoQh4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=DboN9FmKyXZWP-J7_&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAOyblWyU3-07-c_EoO04g0SMxVcf00kBVfmhLDaovofqAiBzW6K7P7ITZ6dlO4-loDqgBpnYlMw_vf7yV1YmWDemzQ%3D%3D&cms_redirect=yes&mh=d6&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hnekn7k&ms=au&mt=1702183966&mv=m&mvi=2&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgNYdH2nJAKSWV91-PLJOzIJnktPt_vEXi8EQBJU9M228CICxqJ2M_3LfN2kw1_qlr3Sun6UTJQCyHUYZCYE9R-_6I

Requested by

Host: ibb.co
URL: https://ibb.co/54SqStp

Protocol

Server

2a00:1450:400e:2::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 10 Dec 2023 04:57:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=19526
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Sun, 10 Dec 2023 04:57:18 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:18 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1702204064&ei=QD51ZcziEMGhkgbx9KrACQ&ip=184.164.141.146&id=o-AN2B0dvFDgr-ZBvwr8l9-ZZroTgdZMK2RIMuMQyXEvRu&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f46IEfuQ5W7TY79vbfwnRAMKpWYQ8OKuTv_J0w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=NNrnjqjsYpTYbo8njkvoQh4P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=DboN9FmKyXZWP-J7_&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAOyblWyU3-07-c_EoO04g0SMxVcf00kBVfmhLDaovofqAiBzW6K7P7ITZ6dlO4-loDqgBpnYlMw_vf7yV1YmWDemzQ%3D%3D&cms_redirect=yes&mh=d6&mip=2a03:1b20:6:f011::4e&mm=31&mn=sn-5hnekn7k&ms=au&mt=1702183966&mv=m&mvi=2&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgNYdH2nJAKSWV91-PLJOzIJnktPt_vEXi8EQBJU9M228CICxqJ2M_3LfN2kw1_qlr3Sun6UTJQCyHUYZCYE9R-_6I
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 46ms
37ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33294
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgQdsziM%2B24cX5OwejQFUa2Y4yhPApZ0zUFXmMXIHC9lXle3PjmfOU34hkawxsqSlPS1XLARMMDitRWUeGIpTxkmfIwtnEiPFA5LPaDST9nIhgn%2FYW%2FpRjQ0GsCj7zK4A46n46hfWUR6QX81w9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8332e802ccb639da-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 64ms
26ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: FANESDDW9B9E9DSA
age: 3333
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8332e802fef2901c-FRA
x-amz-id-2: 3/X8tH8E5rO8cGeSb+lNhU+ULwy45NMG2aWlCk5dk6b5qqPhSq/HFmIcDoU2bo2DgxRunmOxmgUfKwp80TBIyA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 58ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:57:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
17 KB 269ms
269ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=985266990912843&correlator=3466994357078423&eid=31079827%2C31080080%2C31079991%2C44807746%2C44807689&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702184238507&lmt=1702184238&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2F54SqStp&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1239774902.1702184239&ga_sid=1702184239&ga_hid=784679052&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYqfvYkMUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKr72JDFMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqfvYkMUxSABSAghk&dlt=1702184237483&idt=970&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

537b791a756d094abf9cebc83b5e788a4635a3486de45223606eb606f87458c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16867
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 131ms
131ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNayqtPPrM-YBwU-PPwY-aKBA-YKKewTeZrawPRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj0qv9jlpk9hOw5Qewi7J71MavBSwlz7JjmyZIWByoEdVb3YYuesCYvBzWTyb%2FsXtqLR25Tlf9LW%2BHPWoJ%2BUqQdCm68edaM0H%2BGswvH2NH0SYUimqdWkG6rSFiLXCCpCuwP6V51cOhG7hmrzQL3zzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e802bbaf18e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B0C 6 KB
3 KB 181ms
58ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 04:57:18 GMT
expires: Mon, 09 Dec 2024 04:57:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 39 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js?cb=31079991

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62431
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 17155732702192029938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 11:36:47 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 296ms
296ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=985266990912843&correlator=2308021830050529&eid=31079827%2C31080080%2C31079991%2C44807746%2C44807689&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702184238594&lmt=1702184238&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2F54SqStp&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1239774902.1702184239&ga_sid=1702184239&ga_hid=784679052&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYqfvYkMUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKr72JDFMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqfvYkMUxSABSAghk&dlt=1702184237483&idt=970&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fd0e3cb3a91f4f1c8426c0e52de9c363129d799997b8a79e7bc09e782502c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12852
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370636
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
270 B 130ms
129ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwAAwPeAM-YqqZ-Paqa-MYYU-rPwPBrPyaKrZRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXZnlIC1xiaLAzY99XcxYis8cc4uryJlqWz3%2BopzIwxEzkGGtHEn3PKB%2FHCU7V7w5IrNzROvLLkpZLvyAM9Al8ord8AZjConRpd1FbVZKS6rEqZLtANGJRTCU0z6IS2NNN1vjypiCn5sdVIvgZlDqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8034c1618e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 381ms
380ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=985266990912843&correlator=3495099048492498&eid=31079827%2C31080080%2C31079991%2C44807746%2C44807689&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702184238609&lmt=1702184238&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2F54SqStp&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1239774902.1702184239&ga_sid=1702184239&ga_hid=784679052&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYqfvYkMUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKr72JDFMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqfvYkMUxSABSAghk&dlt=1702184237483&idt=970&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f51039eb37dc7cef752b152110f27884e98e62286b5ac4ce6b32dc037c5a3dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14859
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 128ms
128ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZeKPZKyr-wUyq-PAwU-wZPM-rUPUrYqAwyaqRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR2bIuFQ5Ro%2FO3VCSuiRKZF09ZQP96c2BuC9SIuFcRi6g2mA9VYzyQpLl5umTJAxkf%2Bhw2WF0%2FSK%2FV9bU%2Fb6spjDC3xFg9zCv169P7HuyKW%2B1VoNaSRJctR57vk6ARXyi5EhCZVMhruB2e0B43VHwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8035c2918e7-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6F15 15 KB
6 KB 45ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 04:57:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 266678
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
222 B 31ms
7ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ibb.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ibb.co
date: Sun, 10 Dec 2023 04:57:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6F15
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=vEbq2nxEUTdnM00vVi90c1lrQ2N5cnkvVEJ2akxmT0ZOaGRNQ2djYmRCenlFNGdHYXNOQTQzUjR1U0JrR3NyZmt4dzNKUW5ZRytMK1duS21UbTRWNURqV3A4YlI3QnNSbXhPb25mU2RrZ2pNTi93UHJKTlNjUkZtbXZhOE...

438 B
673 B

17ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vEbq2nxEUTdnM00vVi90c1lrQ2N5cnkvVEJ2akxmT0ZOaGRNQ2djYmRCenlFNGdHYXNOQTQzUjR1U0JrR3NyZmt4dzNKUW5ZRytMK1duS21UbTRWNURqV3A4YlI3QnNSbXhPb25mU2RrZ2pNTi93UHJKTlNjUkZtbXZhOEppZWZGVGVLdzRrcElpeE42MWtadUp6V3RjSk9Nb0dWaytxaUNQUit0MDF6RmkxTERBMnU4dnlPck5ma0ljRGlwYXVETTBxV3ZEdnFmcGhhTitBYlFNVmRDN1JYdUxBeG1WNUY5amUySjZMdURwQUk2RXNVWDR6cHlRU1lmbjJZRXZLblFCUzkvUEd6L29KVHZPWDBOSi9UK0hpWG5vUT09fA&cppv=2

Requested by

Host: ibb.co
URL: https://ibb.co/54SqStp

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06b1615ac5aefc79aa880ce3a5c5d00b600bf2a416e387c3316fec66eb8f8ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1492583
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=vEbq2nxEUTdnM00vVi90c1lrQ2N5cnkvVEJ2akxmT0ZOaGRNQ2djYmRCenlFNGdHYXNOQTQzUjR1U0JrR3NyZmt4dzNKUW5ZRytMK1duS21UbTRWNURqV3A4YlI3QnNSbXhPb25mU2RrZ2pNTi93UHJKTlNjUkZtbXZhOEppZWZGVGVLdzRrcElpeE42MWtadUp6V3RjSk9Nb0dWaytxaUNQUit0MDF6RmkxTERBMnU4dnlPck5ma0ljRGlwYXVETTBxV3ZEdnFmcGhhTitBYlFNVmRDN1JYdUxBeG1WNUY5amUySjZMdURwQUk2RXNVWDR6cHlRU1lmbjJZRXZLblFCUzkvUEd6L29KVHZPWDBOSi9UK0hpWG5vUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264023
content-length: 0
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A913 52 KB
21 KB 252ms
55ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 04:42:48 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 870
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 06:42:48 GMT

GET container.html
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4510 0
0

GET container.html
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1091 0
0

GET
H2 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame D44F 102 KB
26 KB 39ms
22ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 158
cf-polished: origSize=104022
etag: W/"2023-11-17T05:03:23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e8055f6a380f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame D44F 2 B
585 B 168ms
132ms XHR
application/json 2606:4700:20::681a:ea7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIo05he6m6xvk1CgRWGollCKHFQla6Lu7IkXSmvjfVcKz0FvOcY91IgocKK69MPnDG1MAadzv1jL6qy2oH1sfL3TBd5BZwCe9NmpQnKsTXVNmk3Y%2Fm8vH2Z6Lj6xb3I6oVQSjo%2BuuBlG5I924iDiNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e805dc6135fe-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame D44F 0
518 B 192ms
146ms Image
image/jpeg 2606:4700:20::681a:fa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNMMTaraBy-ZAtY-PUyP-MMYq-tatqUUZKBeKeRrdNowwGegRzorNcsoT-aPZBYRleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1bKBorvJFHHiJBg5wpFEdyqOlvEL4KftBweL7qCpLQIe7dVeY%2B68IHGsVg0gAwDVZqtxQiEqEBxKcdP8vjfAnXt6nh97gDKrnmLg7yrd9GuYmZJ1DS3X2cDFPZ%2FuJC8mzF3d5glX%2Bl3xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e805eb01bbd3-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F592 6 KB
3 KB 51ms
51ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 04:57:18 GMT
expires: Mon, 09 Dec 2024 04:57:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
533 B 161ms
160ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwtPArPTU-eBUU-PMKY-qZtP-YwrwMZYBqTyyRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFq75j8q72ATaON2QZGwmHO6apbC2iT63b94AcdyI80tbWdtPLLpl1DJ0Gn7%2FJNpv9zCszCkBlBW6NfQN8Cr6fQ8FPVrqT0QhTzj0YWnE6hjTX6FUEJq%2B1hdxhlE8kGwFhjkIVLtnHHL4c97rzpy%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e806188c7fe1-IAD
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame F592 196 KB
56 KB 164ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 20:42:23 GMT
age: 29696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 20:42:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F592 15 KB
5 KB 294ms
183ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 08:33:14 GMT
age: 73445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F592 95 KB
29 KB 272ms
161ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 07:42:20 GMT
age: 76499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 07:42:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F592 5 KB
2 KB 291ms
181ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 11:30:53 GMT
age: 149186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 11:30:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame F592 40 KB
13 KB 257ms
146ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 11:49:46 GMT
age: 148053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 11:49:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F592 6 KB
802 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 04:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 03:34:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 04:57:19 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F592 2 KB
3 KB 228ms
113ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 61444
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 10 Dec 2023 11:53:15 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F592 295 B
664 B 170ms
55ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 41567
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 10 Dec 2023 17:24:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A913 234 KB
81 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e072fe97ec35ab66a5de81de24603c07a67da217986de693bb1eb0bfc44ce8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 04:57:19 GMT

GET
H2 200 qM9.gif
pt.protoawe.com/Vc5Pj/ Frame A913 43 B
296 B 10ms
10ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.protoawe.com/Vc5Pj/qM9.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=0
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Sun, 10 Dec 2023 04:57:18 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/17637474065875300081/ Frame F592 25 KB
25 KB 99ms
56ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17637474065875300081/6592766407814317453

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4101253aa5ffe37ea1d92bfbf1010cf3350e30504431df785e763d2fc3a49580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:11:03 GMT
x-content-type-options: nosniff
age: 78376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25713
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 07:26:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 07:11:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15617088550668970093/ Frame F592 2 KB
2 KB 158ms
116ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15617088550668970093/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b50a144dc8f12735dda29d866c262fcbb2681134c29984a717d00a3e087176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:50:47 GMT
x-content-type-options: nosniff
age: 86792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2111
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 15:13:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 04:50:47 GMT

GET
DATA 200
OK truncated
/ Frame F592 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caf0c9d2aa2c74aba84732c31fcae90677fe52b115e6c88b6d54d12f693f5486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F592 15 KB
16 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 130678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F592 15 KB
15 KB 68ms
68ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:19:43 GMT
x-content-type-options: nosniff
age: 85056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 05:19:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F592 15 KB
15 KB 81ms
81ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 122242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H2 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame D44F 36 KB
9 KB 31ms
14ms Script
application/javascript 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1968767
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 09:53:08 GMT
server: cloudflare
etag: W/"65573804-8ec5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1ZUlbmYjx3ZAPrGkV%2FYIYCD8tf2X2D072pNwRWOXwdnOS2dGBCnG6MSaLako%2Fo7X5ZLDSHUvPKld83LqMgy9G466bHius%2FNGUqECqzzL%2FQBhtVy9r446zq8Kvjvg6RzlRzTDi4J0XYhLovDIUXj9Qi19Us%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8332e806cf2318e7-FRA
expires: Fri, 17 Nov 2023 10:34:32 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame D44F 4 KB
3 KB 457ms
434ms XHR
application/json 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fibb.co%2F54SqStp&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 81683b48e7096bc6af01b9fa777481e73440c925567ebf085de60cff38ace52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 10 Dec 2023 04:57:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: b91b78cc5d4ba9afb2f79663ae98aab7
content-length: 2681
x-served-by: cache-lga13626-LGA, cache-fra-eddf8230095-FRA
x-timer: S1702184239.201616,VS0,VE428
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F592 0
0 99ms
98ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLQp3LkV1ZfHWKJPB7gP04IwYt9Xq03T2gdLVnhJkEAEgncKtaWCV4pCCoAegAYTK_b0DyAEJqQJiLYh_9w6yPuACAKgDAcgDCqoE8wFP0C3ltiQpUt6Ma9QlSebMAWgOsIvBMsdu7XvOTyaNyyFIWeLKu-WhxjeLzMw7xxOEotoJSg55gooGkMrChu6kJNDGwp10apomfIFXQr69xTwuA3ikCk6RmXuhL-uV21NSQG1SDzvuuFWMX14zUK-umk_nl6KnXsFAriFYrzQjKvanBR-G20Qm7h0lP5JBTID9khgCkHAXIFHuzmJx4AALwn_zhL_ySgjUAb-w1HQUiwwQxVO40hVH5gec2fTiLtctzNaKjT2B0di6xZ-p5tdLWc2f5rwh-m-R_KKGQ7I9uI0O0UrF8tr8j8lspkmvBM8cez3ABM7_pIvHBOAEAYgFvIGGtU2SBQQIBBgBkgUECAUYBKAGLoAH1JneQKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJzjB9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYtYOMt4qEgwOaCT9odHRwczovL3d3dy5zbWFya2V0ZXIuZGUvZ29vZ2xlLWFkcy9rb3N0ZW5sb3NlLWFjY291bnQtYW5hbHlzZS-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLiDRMImauMt4qEgwMVk6B7Ch10MAMDuBPkA9gTDdAVAYAXAbIXHgocCAASFHB1Yi04Mjc4NDE2OTM5Mzc3ODk2GNKubQ&sigh=q_S2hSILt5Y&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNwI4aiTdgAE2TC0gdRccr-WmRaJQrJSJJYc2TeE6NvrP43jPOLsIcRfdiZzMOYG_XSCfJEQCdouTg4AKd3FSg-b2dIcPSjDQvai4YAQ&template_id=484&cbvp=2
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame EFE4 4 KB
4 KB 45ms
10ms Image
image/svg+xml 2.19.106.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 04:57:19 GMT
date: Sun, 10 Dec 2023 04:57:19 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "1415406c6886077dae89bf474cd6c146:1701762093.651712"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4128
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame EFE4 990 B
1 KB 46ms
11ms Image
image/svg+xml 2.19.106.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-106-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 04:57:19 GMT
date: Sun, 10 Dec 2023 04:57:19 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6ImNiY2Y1NDI2ZWMwMjQ1ZWVhYTZmOTNlOTQzNDZhNjgxYmU1ZjJiNzFiZGEzZmY3NTU5NzYzMTIwYTExZjVmZjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame EFE4 8 KB
8 KB 41ms
6ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNiY2Y1NDI2ZWMwMjQ1ZWVhYTZmOTNlOTQzNDZhNjgxYmU1ZjJiNzFiZGEzZmY3NTU5NzYzMTIwYTExZjVmZjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c373ad8c551faba7051204f86b2d49a57230dddc7ac721378b9da83bbae7b59e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:19 GMT
last-modified: Tue, 03 Oct 2023 13:38:57 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=529080
access-control-allow-credentials: false
x-traceid: 8bd48d214c16d20d31b81fcd23875349
timing-allow-origin: *, *
content-length: 7958

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame D44F 2 B
278 B 349ms
86ms Image
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=a21220e4be459a0d13998268346aa727_198067_1702184239559
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 04:57:19 GMT
content-encoding: br
X-TraceId: e2bb5e28266f864e37c343dd95fd02f9
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame D44F 4 B
325 B 347ms
84ms Image
application/json 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a21220e4be459a0d13998268346aa727&position=0
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Dec 2023 04:57:19 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 80285e17a59e1f611b30bd6f3c07782e
Content-Length: 4
Expires: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
497 B 146ms
145ms Image
image/jpeg 2606:4700:3030::6815:5286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNBAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-wtPArPTU-eBUU-PMKY-qZtP-YwrwMZYBqTyyRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt
Requested by: Host: ibb.co
URL: https://ibb.co/54SqStp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:20 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Dec 2023 04:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyLHNg16%2BcXRn2BzLmY25Gu10SoB25DsgM%2Ffw4J2L6llhwDnLSK7jqgaxbeKNB15lpZ13kkGjTbmgSP4Ns0MxlGB6g09Yedcz%2FGlcVBN78sXRmqiheGSW4f2CETEiyhqzJk4od2q%2BNqwbOgKH88RBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8332e80d8fb07fe1-IAD
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F592 42 B
404 B 215ms
94ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdfSuVQixgroAREMn0SwhQRydSM3pBaob_9L6SNcrFiDr_udgbjN0dQsWxENB3kL2Bia9E2qUS38tS_EbuYeHkfwXQOb-iV37OJlHy43np025z0CGNHgDCbGBc2T39ZDurz8q3VtagThHKY05H_KIhBk8PTJ3u4rDnXIE1Rjo&sai=AMfl-YQWjn-W5ROk7s-vSw5b-VZhh7f0iiNqcIeNKAbgb8EYIndrVcd_eHVH-mME1zi6A8yPblTdTAukLoU4wqUdQ7Lrlzgu5F0cMl2xfx0a6CXAgOw3Jajf3r4Uz78texrHOJ5nFjTNsboJw9cpr8jZcyRh3e_63QpQ2cdo&sig=Cg0ArKJSzOBVCPYOVvBlEAE&cid=CAQSTwDICaaNwI4aiTdgAE2TC0gdRccr-WmRaJQrJSJJYc2TeE6NvrP43jPOLsIcRfdiZzMOYG_XSCfJEQCdouTg4AKd3FSg-b2dIcPSjDQvai4YAQ&id=ampim&o=0,91&d=970,90&ss=1600,1200&bs=970,90&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=373&tls=1373&g=92.22519397735596&h=100&tt=1374&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ibb.co
URL: https://ibb.co/54SqStp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 04:57:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 217ms
104ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9188482814431eb1a13ae827db87ec71d59e2e2bdbe02656acaf77e1edb9b402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12331
x-xss-protection: 0

GET
H2 200 push-event-counter
c.usefulcontentsites.com/ 43 B
481 B 234ms
218ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid: e071afed-b49b-42c7-bd34-017a49b7fbf3
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKwWi3dz3KM%2B7TDh%2BuuM0t9PTe2%2B1U9dqpoFBUDfhInk27f6ZaTvVggDeBjbKPgtGdM9QFmviZ%2BJZfZQtEXlxi93utoSJJhBYawJqQO92hnyNEot9Hj7zY3C9ocpowo1Pqbe6DBoxIQcgTwyE6A0Od1ve0CLBCc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://ibb.co
content-type: image/gif
cf-ray: 8332e80fc90e67cb-SJC
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 04:57:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AA9 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B44 829 B
1 KB 178ms
64ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7635dedb1404152e054bb162be6a66b23e37d8486bbec01af6c9ea64a9980120

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Dv4p5kpKJ5Y99JGUlequg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3Dv4p5kpKJ5Y99JGUlequg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 04:57:20 GMT
expires: Sun, 10 Dec 2023 04:57:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AA9 39 KB
15 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B44 0
0 89ms
89ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=985266990912843&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0AA9 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u1MzZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:57:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=985266990912843&bg=!zs2lzYLNAAY3kmNgF5I7ADQBe5WfOBi6VD2AUZKjeoRmIbVHIVnvOGdZi2RM6pBgC2NDqv3BqocQqUT9l3ijK3VpJcSMAgAAADlSAAAAAmgBB5kC7wrhWUUKlTYOXlQaWYqHAdArJd8v38Wm8jb9hAa_vIH2dYPkzOmA_5rgnpNeQOZhk5KywPmMROFYJ-WcGf0na4ozxgaLsFENJ2f1h2OcxkwOkJ1h976PJGoxK0lvQwretw9SdI8y6fU1TntVyninmymk9SD3_3OeoIyH7kfZZ4ZEJ3zQKNQZFedrBoHjNszuvWz1KODlz5DVcpHRf_O3HTA-xavfeMBZ9mFw0MCuLm7dxAWrkNSXDkb5hnI96sssyv2Y53WbafLSe4RA6mcYZu6t4f4FfxPbO2ClTa8TAIdxATZE_z6AmpZzmI-wJug-qSDfePw505js4uxrTG7xUoxKj25Oc9z_CYrzJWV9XHL7j9GZna5f_rXR5Bca-FdRVBEp4W5w35gmbkhDCOG59-Y0X0hZBxJG1jd4uKcaf0LDKN2ARd7qi9O4463cWUHPFw3w_X4-hOaih0yANbSP_O9p7OJqQ_ds2NWb0JHv7U5KGooMYcLbw0me3pxKgRiLzUPc9_ln0vCS9IZCS6dXqpLoN4FAipCtjuMElELxZ9IgbbrohXSEJA9JQ-MxyCJjrBIOZXfYgpsfdL8sLJQZ7Fmy0CHdSuChK-82DaZaNm73BZwysz5Gpz67E3q18I7PdY7CkhyyFMMhjdmgIwK7KfFoFGxZhlNbaeIsnk-LQJ94TUf9ygN9PB6GB5ntOXEMncleRMHDRLCs1Hs1fFtgn3xF-c9LyTL88AiUO6J2Mrw_AQXDBPisAQkRm0jCMqcuKtUHdldbAVzRssxZPd4ggnlZbR8GkQJn6E_T98wter4n9X4OHusFYxupl1JEeFQuR16me5GpDmd3R3tFWuDKcE7SECOXdo_ZqzIPbw-kvwJCVdq1Y_892lewPfJWs5tCPty5MKczH_vjAOQhqdZKnYpyPnOT9ddfmYd10vxRbax3xQqBHcvvy-aGJuhAOHkDQqEXB5ApmTUocHoOJVFlF-6YIchuoG6CAbkDZau4y0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
URL: https://f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.protoawe.com/	1970-01-20 17:32:56	Name: psui Value: e0988dc2329dcf88bc7dae694bd9be35
ibb.co/	1970-01-20 18:16:08	Name: __ppIdCC Value: ivv_xo21796184637.83
.mgid.com/	1970-01-20 16:49:46	Name: __cf_bm Value: 59RLFEWjfS6GFfdajx79Pc0vQ75iMTMMAC0qBZamKKI-1702184238-0-AZLr7klv+3BOqp3AM6vod3Iq1ohcs09K5GUfZwcc9gt3SsDTGW+Nt3pReHIptRYlvcXfBZ1eUont9zrgMnjNrXI=
.ibb.co/	1970-01-20 17:30:03	Name: sharedid Value: 4b8b9b1f-e4db-4301-8010-330f2705b255
.ibb.co/	1970-01-20 17:30:03	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.criteo.com/	1970-01-21 02:11:20	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:11:20	Name: uid Value: 63061fcd-3897-4b55-b19b-3d6e9a5ac32a
.ibb.co/	1970-01-21 02:11:20	Name: cto_bundle Value: mR0COl96TFdpQ1hac1Y3emdyUXJmTlgzbG1WUUJWZGZXTTFIVWZSNnkybWolMkZOVk92dWV5VEhaJTJCZ0VTajdYTDhQTUxSeFZLZlNvekdKOUtGcEhic3FXT3JxanU5ZWtYJTJCNkt4M2Y1TmY4JTJCTmRpYUlmJTJGcXVIUm5QeU1uWTEwUEJXSUJPYjA0OVhHekVWVG9oSGlwZHJ5SEVuRFNRJTNEJTNE
.ibb.co/	1970-01-21 02:11:20	Name: __gads Value: ID=bebbcfd2e7caebdb:T=1702184238:RT=1702184238:S=ALNI_Map6bngptzqt31Xs2q8UajvS6B7CQ
.ibb.co/	1970-01-21 02:11:20	Name: __gpi Value: UID=00000d111a89e50e:T=1702184238:RT=1702184238:S=ALNI_MaFmBnd0WeL4HbXkE-igirEIy3kww
.doubleclick.net/	1970-01-21 02:11:20	Name: IDE Value: AHWqTUmaeCMwPK4xGBpiWfTCAKNqGjC13uS4YiUblV1boAoe1RXOuz_1nvj0fbu3bME

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adsystem.pocpoc.io
assets.vlitag.com
c.amazon-adsystem.com
c.usefulcontentsites.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cm.mgid.com
config.aps.amazon-adsystem.com
dsp.vlitag.com
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
galleryn0.vcmdiawe.com
galleryn2.vcmdiawe.com
galleryn3.vcmdiawe.com
gum.criteo.com
i.ibb.co
ibb.co
id5-sync.com
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.vlitag.com
mug.criteo.com
odb.outbrain.com
pagead2.googlesyndication.com
pt-static1.awepsljan.com
pt-static3.awepsljan.com
pt-static4.awepsljan.com
pt-static5.awepsljan.com
pt.protoawe.com
px.pocpoc.io
px.vliplatform.com
r2---sn-5hnekn7k.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
static.criteo.net
static.vliplatform.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
f4e8c1e4582a69605647227e946dd6d6.safeframe.googlesyndication.com
108.138.1.25
108.138.9.235
146.75.118.132
162.19.138.83
162.19.58.160
2.18.161.178
2.19.106.209
213.174.132.224
2606:4700:10::6816:3556
2606:4700:10::6816:3bc7
2606:4700:1::6813:834c
2606:4700:20::681a:ea7
2606:4700:20::681a:fa7
2606:4700:3030::6815:5286
2606:4700:3032::ac43:83fb
2606:4700::6810:5614
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:400e:2::7
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3121::3
64.202.112.223
93.93.51.190
93.93.51.191
93.93.51.200
99.86.4.71
06b1615ac5aefc79aa880ce3a5c5d00b600bf2a416e387c3316fec66eb8f8ab1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
089eb8245e3b54ba7ec782bf62126667c21b7d050e5fe8a50c3c221969eed9fd
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18b50a144dc8f12735dda29d866c262fcbb2681134c29984a717d00a3e087176
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c
2e072fe97ec35ab66a5de81de24603c07a67da217986de693bb1eb0bfc44ce8b
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37e4f9980a062336a13489cd63e91b7053f19b1999dd1fd11160e91c6ee2cafc
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0
4101253aa5ffe37ea1d92bfbf1010cf3350e30504431df785e763d2fc3a49580
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c8495a624e981dd104c183455dd71486d9431980e86fb23258d49898f0cb609
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
5207d08d5dd848aaeebe673a7bb88197615d6f1dbe4d1200e44fc8474c7c66ea
5231e76151c35cc82203824656c357d03e674e6348ad706a9823d11b36fc3e63
537b791a756d094abf9cebc83b5e788a4635a3486de45223606eb606f87458c5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
75ddc6d9d2c549c62524a182bc3326311a6aedaeb3a4bd726db370f41aff22c2
7635dedb1404152e054bb162be6a66b23e37d8486bbec01af6c9ea64a9980120
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
81683b48e7096bc6af01b9fa777481e73440c925567ebf085de60cff38ace52d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9
9188482814431eb1a13ae827db87ec71d59e2e2bdbe02656acaf77e1edb9b402
9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b93fc8aee6f502da201af2459e66574e544d66c73c70772680a3b9619539b74
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9fd0e3cb3a91f4f1c8426c0e52de9c363129d799997b8a79e7bc09e782502c4a
a04091bb8479d9ddcef48a5c816dc7ac84fab47ba0d7028c289d8ff76f4a9048
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b4e74b74a183216726aec22173ae44d22a759dc1eef72dd6769ce5bf0c712016
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
c373ad8c551faba7051204f86b2d49a57230dddc7ac721378b9da83bbae7b59e
c3b459c54ecd9f262e2f6f0ea633d1da499ecfe68fb1ff3ec126be0f3bf0b7aa
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c54991e96f555b235bce7efd9505c3f04bd2e0b7711059eb075315f22ce206bd
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c93010a2d7bf6f81bcedbf39d7fd74a4780fe8c3decba718d9ff4b0fe08fa75d
caf0c9d2aa2c74aba84732c31fcae90677fe52b115e6c88b6d54d12f693f5486
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
da11fea14aa373ea068726762d9842ac4129e659d436ae4f34b71db803046e3b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65
e28415c44976c45ebd859cec7a9c93561bcd81e696652db69ff2151949865c47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e752832f4652b23f34221e9684fd64d7538cd8f2c1b53a492ea9ba367cd1418c
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f51039eb37dc7cef752b152110f27884e98e62286b5ac4ce6b32dc037c5a3dd3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

ibb.co Open in urlscan Pro 213.174.132.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

96 %HTTPS

65 %IPv6

26 Domains

49 Subdomains

37 IPs

5 Countries

3098 kBTransfer

6697 kBSize

11 Cookies

10 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

96 %
HTTPS

65 %
IPv6

26
Domains

49
Subdomains

37
IPs

5
Countries

3098 kB
Transfer

6697 kB
Size

11
Cookies

111 HTTP transactions
1 data transactions