ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-a5msenes&ms=au%2Crdu&mv=u&mvi=1&pl=19&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1695164317&fvip=3&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhANFtwrXuHuuoW9mfBVsoA0DOmdWKysXdn2n2rhGFRpOhAiEAnudbId7aRO_t7q4yq6McWb6N9u-qUYw_dmdvuN1T9II%3D HTTP 302
• https://r2---sn-hpa7knll.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=85.190.232.27&mm=31&mn=sn-hpa7knll&ms=au&mt=1695167122&mv=m&mvi=2&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANSqzPg732fdfMPjEUMZ9iDXOG8p4XZwG0Gy4NE-sAVJAiAtGDhQEEG6ePDLUHSwYFNgIhIdaRCp8-q3CkHpvWIzGg%3D%3D

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MPQLW6m Show response ibb.co/	21 KB 6 KB	723ms 432ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash 87d4c8157eb76ef4f451ff8a9408b533cbd4f526a8dd55487ce5db23b0f7abd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 19 Sep 2023 23:51:49 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	185ms 64ms	Stylesheet text/css	142.250.74.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.202 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f10.1e100.net Software ESF / Resource Hash b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 23:51:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:08:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 23:51:50 GMT
GET H2	200	ibb.css simgbb.com/2801/	115 KB 26 KB	178ms 60ms	Stylesheet text/css	172.67.131.251 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.css Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6409 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7Dq2T73pEB%2FmQBqOR0w79wknwe6H2XIXt1JHZYsemxQMzv6q%2Bp%2ByQk9%2FzrxKqa4DzeBFqT7LwNi0wgfDpdmR8ghMt3tHscvZWMuzauyRVujpT%2FKUnzPCjxq2DUx"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 8095bd2b2fc10dbd-MRS alt-svc h3=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	225ms 71ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-id pa5-up-gc8 date Tue, 19 Sep 2023 23:51:50 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id TKG2YNDB1XZQFWJD age 3357 x-cached-since 2022-12-20T08:53:39+00:00 alt-svc h3=":443"; ma=86400 x-amz-id-2 6gRGAmoH4EmrXfr/H/IRCNGPSUnCEe9ezUsSz7BGSsiuXdRtZyAzT5ggRAPkMr2jPZfhsDkyMLU= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATHLwGHFBqarncBlb%2BXDatzrWUOVxdm9FtVg%2FAs7SC6JRZHX6MhqEJgTxh1KH5e7dkKZTINnJY63clJ4tdxrocQRCPvpmf3xrd5Itbh3zpcGBEhSTUdhwExTOt8Jo26xV3oPu06uyptQNRni8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache STALE cf-ray 8095bd2c9c40029c-CDG
GET H2	200	/ Show response services.vlitag.com/adv1/	574 KB 147 KB	201ms 73ms	Script application/javascript	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 547cf2960a26f2a2014a4d946809c87ce80676e964d5e14c7b6b16a9a48e4625 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 823 cf-polished origSize=587646 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-09-11T22:19:40 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd2caf0d27a6-LYS alt-svc h3=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	58ms 56ms	Image image/png	172.67.131.251 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1507 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Mz5fIwni1Q6JeMgkZzC%2B%2Bn9Xx2ksQIbWxh0ussyvrubbmp6O7zBaq5i0kEE5a5BrKnXuNSnbhqAykESz4hKxcWZW8xrTz9YFdu0NndeGGo3zhFAwrL5M31UniZ8"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8095bd2c08880dbd-MRS alt-svc h3=":443"; ma=86400 content-length 938
GET H2	200	DSC0258.jpg i.ibb.co/c2VdMLj/	73 KB 74 KB	197ms 60ms	Image image/jpeg	162.19.58.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/c2VdMLj/DSC0258.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.156 , France, ASN16276 (OVH, FR), Reverse DNS ns3096358.ip-162-19-58.eu Software nginx / Resource Hash 4f1b57952586bf39daa120bd8c85603f0b6aaa5087ad56846e8670e2c23f268a Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT last-modified Tue, 19 Sep 2023 23:47:05 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 75231 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	201ms 61ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:50:50 GMT cache-control no-cache x-ud-id IZy6T/AE8 server unknown x-cache-status R-HIT content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/2801/	114 KB 41 KB	63ms 62ms	Script application/javascript	172.67.131.251 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4345 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vm9WvuwGIt10bEsg6ooMulhbaGpozI%2Fi3gz3qcq9nEG48IsMsEhbxnzAz4sDr1eb8lG1JFIKg22umScW6zZ1%2FKziBHBwnpNjrEymKa7sGunibiOGanIXtIBQ3kjG"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 8095bd2c08890dbd-MRS alt-svc h3=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/2801/	215 KB 62 KB	84ms 83ms	Script application/javascript	172.67.131.251 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/2801/ibb.js Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Aug 2023 17:15:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1507 etag W/"64c93db0-35a95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnEGdbrL7afdB0j04p23GzN4md9H2us0E43zfMV2UDNGmCtWqHMolhW6tapysm3n4elgIlwM2%2Bcmxfb49d3Ca0w4YzkLx%2FXWSflFUlAcUGcjmmg5gJFHXQx86VjW"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 8095bd2c088a0dbd-MRS alt-svc h3=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 4F0C	27 KB 7 KB	317ms 183ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 10a6f3f75173e786422ee4c475975c1b88c27746095ba33aa7c36755fd036ef4 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers cache-control max-age=300, public content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 19 Sep 2023 23:51:50 GMT server unknown vary Accept-Encoding x-cache-status R-MISS x-ud-id 8PXP7/CO8
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	197ms 64ms	Font font/woff2	172.67.131.251 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/2801/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/2801/ibb.css Origin https://ibb.co accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3286 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogHjSMUNSnhQkP5ZNzYUJau6tqFpuCNU0Am0k%2Bw4hyUlxhSRN4sweR38giQXQSIcS5TMhTkHGVcMwEniPy6o5v8t2UzflioN4xW3x3%2FtYNHo0pvrHrHfhTAUk16u"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 8095bd2ce9a15ab6-VIE
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	185ms 53ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Thu, 14 Sep 2023 18:17:53 GMT x-content-type-options nosniff age 452037 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Sep 2024 18:17:53 GMT
GET H2	200	DSC0258.jpg i.ibb.co/r5NJTsV/	303 KB 304 KB	104ms 104ms	Image image/jpeg	162.19.58.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/r5NJTsV/DSC0258.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.156 , France, ASN16276 (OVH, FR), Reverse DNS ns3096358.ip-162-19-58.eu Software nginx / Resource Hash 76ff8b27b9a3529cf3fb06314f184f119b79b0a6a6599c1f8ba941a5eb5206b5 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:50 GMT last-modified Tue, 19 Sep 2023 23:47:05 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 310269 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 380 B	194ms 79ms	Script application/javascript	104.19.130.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.130.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:50 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 8095bd2de8652791-LYS alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 344 B	299ms 193ms	XHR application/json	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa178c4d46880590bcc3e79e8ba2fb51815827e8b5a39fa6701574c4415d51a7 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:50 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd2e89f527bd-LYS content-length 42 alt-svc h3=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	di.min-v392658.js Show response pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame 4F0C	3 KB 2 KB	203ms 61ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v392658.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-cdn-node itmil date Tue, 19 Sep 2023 23:51:50 GMT content-encoding gzip last-modified Tue, 19 Sep 2023 11:37:23 GMT server unknown etag W/"650987f3-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Tue, 03 Oct 2023 23:51:50 GMT
GET H2	200	advertisement-v392658.js Show response pt-static1.awepsljan.com/npe/_common/script/adblock/ Frame 4F0C	21 B 276 B	200ms 63ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/_common/script/adblock/advertisement-v392658.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-cdn-node itmil date Tue, 19 Sep 2023 23:51:50 GMT last-modified Tue, 19 Sep 2023 11:37:23 GMT server unknown etag "650987f3-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 21 expires Tue, 03 Oct 2023 23:51:50 GMT
GET H2	200	cifra-v392658.css pt-static1.awepsljan.com/npe/cifra/styles/ Frame 4F0C	17 KB 4 KB	197ms 60ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/cifra/styles/cifra-v392658.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 20cf474dea9c0f5240d01473977eeec6332beec6bcf12667c09745153435b1d2 Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-cdn-node itmil date Tue, 19 Sep 2023 23:51:50 GMT content-encoding gzip last-modified Tue, 19 Sep 2023 11:37:24 GMT server unknown etag W/"650987f4-43a3" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=1209600 expires Tue, 03 Oct 2023 23:51:50 GMT
GET H2	200	cifrafk-v392658.js Show response pt-static2.awepsljan.com/npe/cifra/script/ Frame 4F0C	323 KB 116 KB	199ms 60ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static2.awepsljan.com/npe/cifra/script/cifrafk-v392658.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294 Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-cdn-node itmil date Tue, 19 Sep 2023 23:51:50 GMT content-encoding gzip last-modified Tue, 19 Sep 2023 11:37:24 GMT server unknown etag W/"650987f4-50a28" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Tue, 03 Oct 2023 23:51:50 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 4F0C	225 KB 76 KB	199ms 69ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash d2bcf6b2d8c2aa89976f7769a8c4dd1fa6d90db8eba0768451b39e41ea0c9af0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77492 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:51:29 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 19 Sep 2023 23:51:51 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1695163682/	13 B 306 B	58ms 57ms	XHR application/json	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1695163682/vl.json?page_url=https%3A%2F%2Fibb.co%2FMPQLW6m Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT last-modified Tue, 19 Sep 2023 23:47:28 GMT server cloudflare age 263 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd2fbfff27a6-LYS content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1695163682/	44 KB 5 KB	58ms 58ms	XHR application/json	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1695163682/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=IT&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea20638db28636dd397c7d1e793bddb9b65bf3dea9fd6ddcb3ee208354a451aa Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br cf-cache-status HIT last-modified Tue, 19 Sep 2023 22:49:21 GMT server cloudflare age 3717 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd2fb80027a6-LYS alt-svc h3=":443"; ma=86400
GET H2	200	prebid-7.48.0.js Show response assets.vlitag.com/prebid/default/	561 KB 172 KB	80ms 71ms	Script application/javascript	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 08 May 2023 07:36:47 GMT server cloudflare age 1171329 cf-polished origSize=575587 etag W/"6458a68f-8c863" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 8095bd30685327a6-LYS alt-svc h3=":443"; ma=86400 expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 29 KB	308ms 149ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 4332e0f9a0cca1d3156fb352f894e6115f94465af68cb0290a483bed8d6be1dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29452 x-xss-protection 0 server cafe etag 485 / 19619 / m202309140101 / config-hash: 10560056370792808416 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 19 Sep 2023 23:51:51 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	359 KB 124 KB	181ms 63ms	Script text/javascript	172.217.16.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f10.1e100.net Software sffe / Resource Hash 46b70779d5e04e84c467110c5f028beb73a1a9d5f67675fdbadc000773f58214 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125907 x-xss-protection 0 expires Tue, 19 Sep 2023 23:51:51 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	70ms 61ms	Script application/javascript	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br cf-cache-status HIT last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare age 1171329 etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 cf-ray 8095bd30685427a6-LYS alt-svc h3=":443"; ma=86400 expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	249 KB 61 KB	176ms 66ms	Script application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:49:26 GMT content-encoding gzip via 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) last-modified Thu, 14 Sep 2023 19:03:58 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA2-C1 age 146 x-amz-server-side-encryption AES256 etag W/"c48a6ec54d501e77b70ec98cc7bfa1a9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id tBUTVNQx9QS_T--IjqeduH30JdoDVQcjg0W5MJxRZKqD7t00LZ9N_A==
GET H2	200	5a7ce37428a4997f160ea150cd32f434_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/ Frame 4F0C	37 KB 37 KB	223ms 94ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/5a7ce37428a4997f160ea150cd32f434_glamour_460x345.jpg?cno=b1ee Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 290746bdeef10583eaa5c16a335f7e2dfb4c6f851ec8f367263e8d01d3d7c533 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 37990 x-cdn-node itmil last-modified Sun, 10 Sep 2023 00:03:25 GMT server unknown etag "97d2e6441692d7f92f297393e71f6fbb" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Tue, 03 Oct 2023 23:51:51 GMT
GET H2	200	8fb302bb41f8232459ad7a79ba49a51f_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 4F0C	30 KB 30 KB	222ms 93ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8fb302bb41f8232459ad7a79ba49a51f_glamour_460x345.jpg?cno=6a75 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 74df1d9dff9ff3dc412553659c8b6489727d1ea5f974d9098677be3a69a36de9 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 30825 x-cdn-node itmil last-modified Sun, 17 Sep 2023 04:40:45 GMT server unknown etag "bc3e5fa4bb9c6ea6969419b8d92e5073" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Tue, 03 Oct 2023 23:51:51 GMT
GET H2	200	dc287a3fd54b7f3b467dbcf73bbed3dd_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame 4F0C	18 KB 19 KB	246ms 117ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/dc287a3fd54b7f3b467dbcf73bbed3dd_glamour_460x345.jpg?cno=ead4 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash ec1f29ec022a116bc741af5fe4e61071da404368e5a272faf5add9fe8130a478 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 18704 x-cdn-node itmil last-modified Wed, 03 May 2023 02:36:45 GMT server unknown etag "41181e442be04131adda01815f63dd26" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Tue, 03 Oct 2023 23:51:51 GMT
GET H2	200	e0e52e3fa3735fc7ae0ffa9b09909ce5_glamour_460x345.jpg galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1e/ Frame 4F0C	23 KB 23 KB	194ms 60ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1e/e0e52e3fa3735fc7ae0ffa9b09909ce5_glamour_460x345.jpg?cno=b133 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 77f939a20125318a088b0ef1a5d5a8a31be98ea6e59763a73e9cefaaf9c65851 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT x-content-type-options nosniff x-cache-status R-HIT x-cache-source Origin content-length 23449 x-cdn-node itmil last-modified Sat, 10 Jun 2023 15:03:42 GMT server unknown etag "15c69b94270d94dc66d25ae55475ebb6" content-type image/jpeg access-control-allow-origin * x-rgw-object-type Normal cache-control max-age=1209600 x-real-source - accept-ranges bytes expires Tue, 03 Oct 2023 23:51:51 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 4F0C	52 KB 21 KB	179ms 56ms	Script text/javascript	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 19 Sep 2023 23:49:43 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 128 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 20 Sep 2023 01:49:43 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	193ms 65ms	XHR application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront) date Tue, 19 Sep 2023 11:25:37 GMT x-amz-cf-pop FRA2-C1 age 74045 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id nKyGPzjP2ZdPad-b4L-5P8gfMPQeHjHGuYg1jB9Xzvpk3PcOB1rYvg==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/	409 KB 129 KB	63ms 62ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:33:19 GMT content-encoding br x-content-type-options nosniff age 15512 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131810 x-xss-protection 0 server cafe etag 9411153894055172020 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 18 Sep 2024 19:33:19 GMT
GET H2	200	9cf0c4f1-7630-476b-9141-f4472e005192 Show response config.aps.amazon-adsystem.com/configs/	537 B 813 B	178ms 53ms	Script application/javascript	99.86.4.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-30.fra6.r.cloudfront.net Software CloudFront / Resource Hash b25b9a7c5e3db18c4ecee3cc7d3162cd8d9ecd91f17ec185d768de267e3ba3f6 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:13:22 GMT via 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 2309 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id aAlyRTUUY3YknZiQQ_PgoBnQAm__w9rn9n5Xp9TcElK-eZvORR6KYw==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 302 B	59ms 58ms	XHR text/plain	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 21:47:36 GMT via 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA2-C1 age 7455 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id sqKyNlpAjKFBS9V5xRZtoMF15WKZiXS8psnuYiPT3y2Cj7k9b-EYeA==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	147ms 59ms	XHR application/json	104.16.89.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230920 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3304 x-jsd-version 1.0.1818 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-yyz4578-YYZ x-jsd-version-type version server cloudflare etag W/"63c-g7L8eUzQQd1oX2hmZmocfYLYIy8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIgHjRP6ptZZ6EH3M%2BtTkhyIq%2BP49rSi6Fd0n3O8XDVOnPVDvGbXo1re8h9WYZcQELnLSHmsbRU5isaQGIQM8Deb9bnEDs9KXpmClF5GZebUKRJqQ968xt1l3zvhtfHLCPI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8095bd332a84a32b-FCO
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	250ms 94ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FMPQLW6m&pid=EwDtw8PKPRfIl&cb=0&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid 1QVVQKV7FEGK3SS1TZ5Z vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id b-IhdVHm0ZErcwax1Oy7DBQTRlJNWmTf_H1QEzotEA5JUSp3ZoHpcQ==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 510 B	318ms 189ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAAMewBre-YqtZ-PTwy-wyeB-ZqrBPMtwwMwARdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8B7Rstmtqm7wGQj8W4eDxLM4fIEan1AH4cFHPTYe17j%2BwXf5gI2QPn8TXzGU4ygUSf3xfPO1bNRLwk233aHK6IqiSEm6QnAOkR80CxZjUq6iSgEefqqcCr6%2FYNdnktP9LSc9Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399ab5af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 263 B	338ms 210ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaYYBraBK-AKPr-PUMq-atKA-BTtrqtwryTZaRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkcLjBC6oXGgQzaDYk0vS%2FC%2F6RxjgjLKdzGb5BNq0%2BKVlyUt9crmnSfiET026xgBE%2B%2BYHjB36vQB3%2Fy64A2QvESDYDtgzsCGfBiEgUbtR%2FVEaQIP8i6uK59WVoHCSsJZkgO58g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399ad5af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	236ms 95ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FMPQLW6m&pid=EwDtw8PKPRfIl&cb=1&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid 26XY6PFY2958SDQ8Z22R vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id EFHUoybkh38oBQ4En7kaxhp5AjvPlsvAELJchVZMYxHKL1Ww4kJwIQ==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 257 B	308ms 192ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBaYBreZq-PyAB-PywT-MMKy-tMqrMAwAAeaTRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J0e4UASp0LQdt6s%2F1uRBvhQi0PgWotp6KZyCcKrPP%2FhJg9%2B1ZlyrUbzX7mtGTzGhSjNdyHnKk3PW%2B9o7a9gHoQa2B%2FN8vfFcUP7Uj2Y7bi5Kg83UIa1AD52DUdsRbnMRp5XpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399ae5af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	229ms 93ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FMPQLW6m&pid=EwDtw8PKPRfIl&cb=2&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid NH7K1NT4KMMKXMT6NFC6 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id sNc-l9DONjTC51hsvxkc2MkuNpqqjGAZLbXDs0AoeZ_NqyVuAK-_eA==
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 254 B	302ms 192ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUUtMPPYY-eZwr-PtPB-aAAw-MTeaABYtUqeaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ko8p2AaEQcKExCt6pLbsP5B2sX%2FohdZQeafTzknXWpG9KCuZMGnyxuiEZAflPLounue9tvL4x8VZ6PW%2BuqPkSfTTPTE9JVzHuFcbp1nKdbaL0vLg7t1nqUwzFwf8XsZsgDuMAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399b05af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 255 B	424ms 314ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYZYPKqAq-PKMt-PeaT-wAKq-TyYaytMBZeTURdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwxNpwFpGKMIlTMByLej1tsdjioDy5cNsVXsukPalfX2xjaVwAXm4vu%2FlcaCq5F0qu98RSOp1c4W2HJPmkCBGEVENrivKD6rFDEdvXlwbDBPNH0tyONdO15VZhay6xRb23xOKA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399af5af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 455 B	187ms 92ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FMPQLW6m&pid=EwDtw8PKPRfIl&cb=3&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid ESR2VCZSNBSDTQ0SY567 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id Ua6Qo6bO33M1al_q-Ad7nBqtBn6NQpUxaFhwvvOSe3o6rrtfiC0Y7g==
GET H2	200	1679645040.png assets.vlitag.com/widget/2023/03/24/	98 KB 99 KB	101ms 99ms	Image image/webp	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2023/03/24/1679645040.png Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1171286 cf-polished origFmt=png, origSize=323185 content-disposition inline; filename="1679645040.webp" alt-svc h3=":443"; ma=86400 content-length 100856 cf-bgj imgq:85,h2pri last-modified Fri, 24 Mar 2023 08:04:00 GMT server cloudflare etag "641d5970-4ee71" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396127a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	1648753545.jpg assets.vlitag.com/widget/2022/03/31/	97 KB 97 KB	66ms 64ms	Image image/webp	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1170786 cf-polished qual=85, origFmt=jpeg, origSize=133932 content-disposition inline; filename="1648753545.webp" alt-svc h3=":443"; ma=86400 content-length 99048 cf-bgj imgq:85,h2pri last-modified Thu, 31 Mar 2022 19:05:45 GMT server cloudflare etag "6245fb89-20b2c" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396227a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	170 KB 171 KB	101ms 99ms	Image image/jpeg	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1170786 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 174276 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396327a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	1592801729.jpg assets.vlitag.com/widget/2020/06/22/	74 KB 74 KB	61ms 59ms	Image image/webp	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1170786 cf-polished qual=85, origFmt=jpeg, origSize=103053 content-disposition inline; filename="1592801729.webp" alt-svc h3=":443"; ma=86400 content-length 75514 cf-bgj imgq:85,h2pri last-modified Mon, 22 Jun 2020 04:55:29 GMT server cloudflare etag "5ef039c1-1928d" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396427a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	1572962870.jpg assets.vlitag.com/widget/2019/11/05/	107 KB 107 KB	72ms 71ms	Image image/webp	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1170786 cf-polished qual=85, origFmt=jpeg, origSize=151033 content-disposition inline; filename="1572962870.webp" alt-svc h3=":443"; ma=86400 content-length 109336 cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:50 GMT server cloudflare etag "5dc18236-24df9" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396527a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	1596163502.jpg assets.vlitag.com/widget/2020/07/30/	104 KB 105 KB	101ms 99ms	Image image/webp	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status HIT age 1170786 cf-polished qual=85, origFmt=jpeg, origSize=140376 content-disposition inline; filename="1596163502.webp" alt-svc h3=":443"; ma=86400 content-length 106784 cf-bgj imgq:85,h2pri last-modified Fri, 31 Jul 2020 02:45:02 GMT server cloudflare etag "5f2385ae-22458" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes cf-ray 8095bd33396627a6-LYS expires Wed, 06 Sep 2023 10:59:22 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 255 B	250ms 191ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrBBrMUwt-yByw-PrrY-MKyK-YeZYAeAAPeaaRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phlHaExEeZLJulqFtBIdpGPCQji3%2F7G31beqpuXJ9IqM0MIF937JqLpmhlc0guveQMBe5iPlQV5sATsPJtho0xOK9G0SHxcsjcv4pg7qR%2FCZawcZmgcmRBMyN0ESiCP%2FmcQkjA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd3399b15af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H3	206	videoplayback r2---sn-hpa7knll.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y https://redirector.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C... https://r2---sn-hpa7knll.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C...	326 KB 0	122ms 44ms	Media video/mp4	173.194.18.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-hpa7knll.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=85.190.232.27&mm=31&mn=sn-hpa7knll&ms=au&mt=1695167122&mv=m&mvi=2&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANSqzPg732fdfMPjEUMZ9iDXOG8p4XZwG0Gy4NE-sAVJAiAtGDhQEEG6ePDLUHSwYFNgIhIdaRCp8-q3CkHpvWIzGg%3D%3D Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H3 Server 173.194.18.135 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s22-in-f7.1e100.net Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers client-protocol quic date Tue, 19 Sep 2023 23:51:52 GMT x-restrict-formats-hint None x-content-type-options nosniff last-modified Sat, 03 Jun 2023 08:32:09 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-33307028/33307029 cache-control private, max-age=18383 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 33307029 expires Tue, 19 Sep 2023 23:51:52 GMT Redirect headers pragma no-cache date Tue, 19 Sep 2023 23:51:52 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r2---sn-hpa7knll.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=85.190.232.27&mm=31&mn=sn-hpa7knll&ms=au&mt=1695167122&mv=m&mvi=2&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANSqzPg732fdfMPjEUMZ9iDXOG8p4XZwG0Gy4NE-sAVJAiAtGDhQEEG6ePDLUHSwYFNgIhIdaRCp8-q3CkHpvWIzGg%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1271 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 4F0C	231 KB 81 KB	71ms 70ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash 3eecca45ea7797fb38b11b1f998ccda03160e9f31c127331b401b942ae10cac4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82813 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 19 Sep 2023 23:51:51 GMT
GET H2	200	CO8.gif pt.protoawe.com/8PXP7/ Frame 4F0C	43 B 295 B	61ms 61ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/8PXP7/CO8.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language it-IT,it;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Tue, 19 Sep 2023 23:51:50 GMT
GET H3	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	104ms 60ms	Script application/javascript	104.16.89.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 35930 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230042-FRA, cache-jnb7027-JNB x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc7Q4WCsa%2FiNriOWAHggZZIJv07qYN4yhUBwNbEaGhpR3ypEBfibv%2FfdyeOy43sJrSiR6rCiZ2OVwBlAxhePujnst4Ag8ApO7yVTqv0sd99Vbg23s%2FPdjf7JhB0Z6gIgVKw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8095bd34fbdba325-FCO
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	139 KB 31 KB	197ms 63ms	Script text/javascript	172.67.38.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Fri, 08 Sep 2023 09:30:49 GMT server cloudflare x-amz-request-id 01Z2436RQ6GYNX7A age 2325 etag W/"1a5f44cdb786ba83a7fa05963228f464" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 8095bd358f5b279b-LYS x-amz-id-2 bOF6tXA0TwWkVTsZZvoOjiRUm6J7nCuAPvZ8qiH9dnkZW1iBybiY1c4WadznIBzC93/h+5Qggvk=
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	43 KB 14 KB	219ms 92ms	Script text/javascript	178.250.1.3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 07 Sep 2023 09:22:37 GMT server nginx etag W/"64f9965d-ab99" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Sep 2023 23:51:51 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	28 KB 12 KB	364ms 358ms	XHR text/plain	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1979321753368533&correlator=515650426640964&eid=31077366%2C31077696%2C31070232&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167511750&lmt=1695160311&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FMPQLW6m&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=984353190.1695167512&ga_sid=1695167512&ga_hid=1361524163&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYwvnt_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGML57f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywvnt_qoxSABSAghk&dlt=1695167510128&idt=1474&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 039c7744adef9f14ef0b030fe9ef597a8d62766d1dccad307cbc517bf68fe139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12440 x-xss-protection 0 google-lineitem-id 5877303303 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377370654 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 260 B	219ms 212ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZZZteqPT-qUqA-PMMq-qUYt-YTyrTYUqUZPeRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YjqKKld5p77%2BtnVTrEuKFe53fbl7e%2F25PSUzkZqFCJUafctb5iVM3F%2BAGHup%2FqH96fQlBYW2jXwapBgpS8GjHxey%2F6UiLE8VyYY9iLzKTPXjP0vQwYqB5CaHOo0m5goHqZHrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd34c9d35af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	container.html Show response c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C53A	6 KB 3 KB	239ms 61ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 23:51:51 GMT expires Wed, 18 Sep 2024 23:51:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 16 KB	349ms 348ms	XHR text/plain	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1979321753368533&correlator=2889106134481865&eid=31077366%2C31077696%2C31070232&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167511795&lmt=1695160311&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FMPQLW6m&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=984353190.1695167512&ga_sid=1695167512&ga_hid=1361524163&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYwvnt_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGML57f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywvnt_qoxSABSAghk&dlt=1695167510128&idt=1474&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash a4a3b6c2bd29a3b69797ecb0ef7d9e59c669fdb3cadba1560af9db8271729f5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16112 x-xss-protection 0 google-lineitem-id 5877303303 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138377346455 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.jpeg px.vliplatform.com/bi-v4/	0 258 B	193ms 189ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUwMPMtar-ZyqT-Para-aZBZ-MZAaaeaaeBrBRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:51 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9iAB7aDvhSaprXbLke6LzOsDc3BrsaDSx40EEm%2FnaVNtUGtVG7ehwPgLjjDYVOZmhev4FvF65gKMPi4HHdV1Y7JxTAV4ssP21XxypmXK0D3ARI1jF%2Bg%2Be6Zc1k%2Bv%2BnIIh68cA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd34e9db5af4-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/	38 KB 13 KB	63ms 59ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash f0b6ecf9b0675055a440c13b8a67530fef79d28cb582bcd31a77e15b50b72368 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 13:12:16 GMT content-encoding br x-content-type-options nosniff age 38375 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13639 x-xss-protection 0 server cafe etag 15988943048180208822 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 18 Sep 2024 13:12:16 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	39 KB 15 KB	379ms 378ms	XHR text/plain	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1979321753368533&correlator=1261705376925827&eid=31077366%2C31077696%2C31070232&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167511985&lmt=1695160311&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FMPQLW6m&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=984353190.1695167512&ga_sid=1695167512&ga_hid=1361524163&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYwvnt_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGML57f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywvnt_qoxSABSAghk&dlt=1695167510128&idt=1474&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 8329043d8aef21dd59da8a2ca26f1fc9a75ce592a99ddac94e9a7168b00ee516 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15712 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ibb.co cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	cc.jpeg px.vliplatform.com/bi-v4/	0 522 B	190ms 190ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNrYaKaZwK-UPPy-PwYa-MtYq-YewKTZyaqMTMRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SIpoNhb9%2BePoqj7mL%2FilCQI9jDa5n8zZeSOEEYLVyPkF1%2BcSes6Xr1rdGIaxtBdyZZZzuehwanGzRcrkJX%2BSIsLI5xQc04eI48RKSVNXmtSiuOHENRgAud8UnsUxnOXnUZGTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd361fb800c6-CDG content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	syncframe Show response gum.criteo.com/ Frame 988D	15 KB 6 KB	196ms 65ms	Document text/html	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 23:51:51 GMT server Kestrel server-processing-duration-in-ticks 220901 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 315 B	180ms 57ms	XHR text/plain	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ibb.co/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ibb.co date Tue, 19 Sep 2023 23:51:51 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET		container.html c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D66	0 0
GET H2	200	adtag.js Show response dsp.vlitag.com/js/v1/ Frame 1C7F	102 KB 26 KB	77ms 67ms	Script application/javascript	104.22.58.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dsp.vlitag.com/js/v1/adtag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 117 cf-polished origSize=104022 etag W/"2023-09-19T02:46:59" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=300, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd376adc27a6-LYS alt-svc h3=":443"; ma=86400
GET H2	200	container.html Show response c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57A1	6 KB 3 KB	55ms 54ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 23:51:51 GMT expires Wed, 18 Sep 2024 23:51:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	json Show response gum.criteo.com/sid/ Frame 988D	433 B 555 B	63ms 63ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 499ba3cd48ea107b09d32e6c077bde4d5cfcdbda574c84b7af7500d805f8ccc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language it-IT,it;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:52 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1046165 expires 0
GET H2	200	css2 fonts.googleapis.com/ Frame 57A1	4 KB 767 B	66ms 65ms	Stylesheet text/css	142.250.74.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.202 Old Bridge, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Sep 2023 23:51:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Sep 2023 22:27:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Sep 2023 23:51:52 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A0C2	24 KB 7 KB	178ms 56ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 07:26:10 GMT content-encoding br x-content-type-options nosniff age 59142 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 18 Sep 2024 07:26:10 GMT
GET H3	200	creative.js Show response cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A0C2	26 KB 9 KB	46ms 45ms	Script application/javascript	104.16.89.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3303 x-jsd-version 1.15.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230064-FRA, cache-yyz4549-YYZ x-jsd-version-type version server cloudflare etag W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X8Jyn2Sp1bMJmpDmI%2BOEIpbB2SPETQX9yB%2BMGP6X3w7Q5JYjcerTVEc%2FALBegGJMecEtJaZJRa%2BlG34ie1z8MB3%2FIPe47ZacRJjxY9QjKIRlzsHWTw7dNcUrRtm9o%2FZmvA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8095bd37ea17a325-FCO
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A0C2	182 KB 57 KB	220ms 73ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 23:51:52 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 57A1	20 KB 9 KB	171ms 52ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:01:15 GMT content-encoding br x-content-type-options nosniff age 13837 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8566 x-xss-protection 0 server cafe etag 5625731030761120726 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 20:01:15 GMT
GET H2	200	bidding Show response adsystem.pocpoc.io/adv/v1/ Frame 1C7F	2 B 575 B	319ms 178ms	XHR application/json	104.26.14.167 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.14.167 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 2 pragma no-cache server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWT8tz8VHdFPtjoXW4F2yYzq2V14kIb%2BEtB7Z57ukZ1DVscPV8hnwsIz2dP6UHwjUpxR5%2BWNqHFB7grEA1Yq4E8q15n4VgLaIaaaOm%2BwA9Af5pEbyBxi1BlM%2Be4gLAt8wz8xog%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd390c520411-CDG expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tfa.jpeg px.pocpoc.io/v1/ Frame 1C7F	0 507 B	314ms 188ms	Image image/jpeg	172.67.75.64 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNaByweqAZ-aaBU-PYet-MeMa-KaaMBYqePyAYRrdNowwGegRzorNcsoT-aPZBYRleNpl Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsrN5sUTv8voHSoynrdn6y04r5wQT%2FEd55LfM%2FiDLghqPOzx%2BrtREsPefEriQ5IUh3xLBR%2FLbTqwH88v0aC9oFAELLlSDXSszlZNUjjIbIE960h4ZuDDLds27TFhVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, immutable, max-age=864000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd38eee25a5f-VIE content-length 0 alt-svc h3=":443"; ma=86400
GET H3	200	container.html Show response c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10BD	6 KB 3 KB	62ms 52ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 23:51:51 GMT expires Wed, 18 Sep 2024 23:51:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	cc.jpeg px.vliplatform.com/imp-v4/	0 488 B	189ms 189ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeayqwTyA-aqYA-PKtK-qYtw-BBPUeKTqTryMRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNTTTPBARleNplR_yszuNyqsltRedhNgyy Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBWb3z4VfrOPanaxqXIdPWi52SsxFMAuHhf1CY8oblyV6%2BM6Fo9VifYfi67iAjQDdBKR%2BkyyD%2BqIIGdL%2BJI3AQAOIaZ2JgtQLKpqHzqagWVFCglzW3Fz%2BRfdpb8pMBb8PYmMDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd38995e00c6-CDG content-length 0 alt-svc h3=":443"; ma=86400
GET H2	200	ab Show response ams3-ib.adnxs.com/ Frame 10BD	12 KB 6 KB	194ms 66ms	Script application/javascript	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QLPFuhPCwAAAwDWAAUBCJjoqKgGEIy0xr76p8-KKxgAKjYJW1oNiXssnT8RjRgsi3ihlz8ZAAAAoJmZBUAhjQ0SBClcDSQAMQkbqMk_MJU2OLUBQKtaSAJQjuLysgFY0ccBYABosDF44PYFgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA2MTc2Mjg4LCAwKTsBFCxpJywgNzQ3NDI2NiwRFCxnJywgMjE2NzY0MDMVFSxjJywgNTY3MjgxMTkVFTByJywgMzc1MTczMzkwBRbwsJICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQQElCHZRSQEH8HlBd0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNVENMblp4U3dRQ2hnQkxkMVdOajh5QTNWdWE3b0RDVUZOVXpNNk5qRTBOdUFEeEVTQUJMbTgtZ3VJQkwyOC1ndVFCQUNZQkFTcUJOVUhDUF9fXyUBIQQERVEBBxEBCEFSahELFF9fXzhCSTYsAABvARYRAQhBVEQRCwUsAE8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAAId1FRpZgFAQhNa0UFCAUBGERZQkFEeEIFDAkBHGlBV0NNS2tGCQ4YQUE4RC14Qh0_CHdRVREbCEFBTS4oAARfUi4oAAAyFSjARHdQLUFGb1Jid0JmT0Nxd3I0QmFEOC1BS0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJnQRVgIHFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaApkBIW5CREhtdzpBByhOSEhBU0FBS0FBeBVqEEFBNkNV3XEUa0RFUkVrDR8MRHdQMT00AEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUREQyER3UHcuLtgC8AbgAmbqAhZodHRwczovL2liYi5jby9NUFFMVzZt8gIRCgZBRFZfSUQSBxprCDDyAhIKBkNQR19JRBIIHlcIGPICCgoFQ1ABFBgBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZAAca2AgA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfBtATCAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDzExNTYzI0FNUzM6NjE0NtoEAggB4AQB8AQSHwogiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFpNoC-gUEAW8okAYAmAYAuAYAwQYBITAAAPA_0Aa1RNoGFgoQCREZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0VZAEmCNoHBgFdwBgA4AcA6gcCCADwB4kBiggCEACVCAAAgD-YCAHACPAG0ggOCIGChIiQoMCAARACGAA.&s=b265e340e1189336151ee354b8a5ec0dcb31b726&pp=ZQo0GAAAvJ4IVQoHAAezmElpHGvbR1R6bVFE1Q&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO9lmGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSKAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrzxq78gY4ieluKLu38rXlzhZHW3chaiylOcRSH_6nF5021szp7fRwLBHX4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FG-tOI4KOxuaGq6N2E3rvh4Itjg%26client%3Dca-pub-3960095709930134%26adurl%3D Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 886b991c8562415a389e57b277adf9548e4e45ca062c232382897dc5a9e249c0 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding gzip x-creative-id 375173390 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" x-proxy-origin 85.190.232.27; 85.190.232.27; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com x-xss-protection 0 pragma no-cache an-x-request-uuid 96cc2506-c7ea-47f5-bb2b-5efa987d5d66 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 10BD	3 KB 1 KB	54ms 52ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 17:26:38 GMT content-encoding br x-content-type-options nosniff age 23114 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 17:26:38 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 10BD	20 KB 8 KB	55ms 54ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 19:58:30 GMT content-encoding br x-content-type-options nosniff age 14002 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8275 x-xss-protection 0 server cafe etag 7349537481621356269 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 03 Oct 2023 19:58:30 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 10BD	24 KB 6 KB	62ms 61ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 07:26:10 GMT content-encoding br x-content-type-options nosniff age 59142 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 18 Sep 2024 07:26:10 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 10BD	182 KB 57 KB	131ms 131ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash 04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57988 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1694604874705780" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Sep 2023 23:51:52 GMT
GET H2	200	creative.min.js Show response static.vliplatform.com/plugins/pbnative/ Frame 1C7F	36 KB 9 KB	90ms 81ms	Script application/javascript	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Requested by Host: dsp.vlitag.com URL: https://dsp.vlitag.com/js/v1/adtag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 29 Aug 2023 09:09:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1164205 etag W/"64edb5d6-8eb1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3j9VxFntz6lKUdCzmAxJbnOdyMA8F7IwJ6ioAWZyc6pHsO3M0lRJnP6cLkyTqAUHU%2Fj2SzzWa%2BiyHAg1by0A7MdDLdSebHTXYr6nLV%2BtEtIUCEOXF%2FW3BvGtkNhbUMdst0fAjLySQU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8095bd3a6aaf5af4-VIE alt-svc h3=":443"; ma=86400 expires Wed, 06 Sep 2023 12:58:27 GMT
GET H2	200	imp Show response impit.tradedoubler.com/ Frame 10BD	2 KB 2 KB	191ms 70ms	Script application/x-javascript	35.186.231.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://impit.tradedoubler.com/imp?type(js)g(25269774)a(3190045)preurl(https://ams3-ib.adnxs.com/ssclick2?e=wqT_3QKPAfCOjwAAAAMAxBkFAQiY6KioBhCMtMa--qfPiisYACCVNii1ATCrWjgCQI7i8rIBSNHHAVAAWgNVU0RiA1VTRGjYBXBaeLAxgAHg9gWIAQGQAQKYAQWgAQKpAY8m91WYE50_sQFaZDvfT42XP7kBAAAAoJmZBUDBAY0YLIt4oZc_yQFcWg2JeyydP9gB8AbgAQA./s=b22d4093f35ad2674100a410b5eff8a693acf54b/ip=85.190.232.27/bcr=AAAAAAAA8D8=/cnd=%21nBDHmwi3tIYbEI7i8rIBGNHHASAAKAAxAAAAAAAAAAA6CUFNUzM6NjE0NkDEREkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE1NjMjQU1TMzo2MTQ2/bn=97120/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCO9lmGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSKAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrzxq78gY4ieluKLu38rXlzhZHW3chaiylOcRSH_6nF5021szp7fRwLBHX4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FG-tOI4KOxuaGq6N2E3rvh4Itjg%26client%3Dca-pub-3960095709930134%26adurl%3D)epi(https%3A%2F%2Fibb.co%2FMPQLW6m;55418;21676403;181;17909;6933)611119540 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 97.231.186.35.bc.googleusercontent.com Software TXServerHttp / Resource Hash 8a55883d5868f5b0671dfd2ce60382f13bbb43e8767e7bdeb18647220daff968 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:52 GMT via 1.1 google referrer-policy origin server TXServerHttp content-type application/x-javascript; charset=ISO-8859-1 access-control-allow-origin * cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1541
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 10BD	0 531 B	62ms 61ms	Script text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QK4HPRVBTgOAAADANYABQEImOioqAYQjLTGvvqnz4orGAAqNgmPJvdVmBOdPxFaZDvfT42XPxkAAACgmZkFQCGNGCyLeKGXPylcWg2JeyydPzEAAACgmZnJPzCVNji1AUCrWkgCUI7i8rIBWNHHAWAAaLAxeOD2BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDqAdUFaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DTzlsbUdEUUtaWjc1QW9lVTFQSVBtT2Vlc0FyUzROZmdiby1rdHBPVENzQ050d0VRQVNBQVlQMktvb1RVRW9JQkYyTmhMWEIxWWkwek9UWXdNRGsxTnpBNU9UTXdNVE0weUFFSjRBSUFxQU1CeUFNQ3FnU0tBa19ReHQtdlcwMEh6b1VmWXVObGJoMzlnUGhYMXJIeUwzUjdhWXRLb3FhOVd0MmdwUnc3ZlBialAwZUd6bjlkOGdUTWt4UlBBMG5HYnp3UmRRQ0tGQ3VJczhSZEM5Z1NidnJPMFZ0aGVOMXhwVjNuRDdjbjMzNnF4aXNtWWZ1TllTRENjNEczdWZHbGoydmRXMHc0RjRjSU0xYWQxUG44VHdnbXZ1Tk10MXpRWl9jQnRsd2ZDclBRUHRGWDN3WEwyMHJJb1loNFVrV09aQ1NZVDJEX1Z6Xzd6Z2tDNEtGbEZ0NlZ4ZXlGVFlWaEJXUlhWTHpoRG9FdEVuMzFvU2dUbXdicjUzZUJMSHd2UGFBZ0Nna0VwZzBRcTg4Sm5lOXlDcF9NWnZnbEVZRnJ6eHE3OGdZNGllbHVLTHUzOHJYbHpoWkhXM2NoYWl5bE9jUlNIXzZuRjUwMjFzenA3ZlJ3TEJIWDRBUUJnQWJ0d2JIMDZQclZqVTZnQmlHb0I2YS1HNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ1VDSURoZ0JBUUFUSUNxZ0k2QW9CQVNMMzl3VHI2Q3dJSUFZQU1BZEFWQVlBWEFRJm51bT0xJnNpZz1BT0Q2NF8wRkctdE9JNEtPeHVhR3E2TjJFM3J2aDRJdGpnJmNsaWVudD1jYS1wdWItMzk2MDA5NTcwOTkzMDEzNCZhZHVybD3wAQCKAmh1ZignYScsIDYxNzYyODgsIDApO3VmKCdpJywgNzQ3NDI2NiwgMCk7dWYoJ2cnLCAyMTY3NjQwMywgMCk7dWYoJ2MnLCA1NjcyODExOSwgMCk7dWYoJ3InLCAzNzUxNzMzOTAsIDApO5ICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVRDTG5aeFN3UUNoZ0JMZDFXTmo4eUEzVnVhN29EQ1VGTlV6TTZOakUwTnVBRHhFU0FCTG04LWd1SUJMMjgtZ3VRQkFDWUJBU3FCTlVIQ1BfX19fX19fX19fX3dFUV9fX19fX19fX19fX0FSal9fX19fX19fX19fOEJJUF9fX19fX19fX19fd0VvX18RKhBfX0FURBkNEF84Qk9QHQ8Id0ZBHQ4MX0FVah0PCDhCVTYsAABZHR0IX0FXNlgAAGE2LAAAdzIsAABYNlgACGdBSB0fCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMOgABNhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAkEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQ6AAI2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWDoAATYQAABrOhAAAG06EAAMd1FRQRUBCE1rRRUMHEFEWUJBRHhCGREgQWlBV0NNS2tGERMQOEQteEIdPwh3UVURGwhBQU0uKAAEX1IuKAAAMhUowER3UC1BRm9SYndCZk9DcXdyNEJhRDgtQUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCZ0EVYCBxQVlFc2dZa0MdgABFHQwARx0MAEkdDKB1QVlLmgKZASFuQkRIbXdpM3RJWWJFSTdpOHJJQkdOSEhBU0FBS0FBeBVqVEFBNkNVRk5Vek02TmpFME5rREVSRWsNHwxEd1AxPTQARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERBARHdQdy4u2ALwBuACZuoCFmgaKwvwi2liYi5jby9NUFFMVzZt8gIRCgZBRFZfSUQSBzYxNzYyODjyAhIKBkNQR19JRBIIMjE2NzY0MDPyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCEFEVl9DT0RFEgDyAgwKCENQR19DT0RFEgDyAgsKB0NQX0NPCQ4QEAoFSU8FgRg3NDc0MjY2BSEMSU9fQw0-OBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8N4BMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAogQNODUuMTkwLjIzMi4yN6gEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NjE0NtoEAggB4AQB8ASO4vKyAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaTaAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa1RNoGFgoQAAAABUQRAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB-D2BdIHDRVkASYI2gcGCcy44AcA6gcCCADwB4kBiggCEACVCAAAgD-YCAHACPAG0ggOCIGChIiQoMCAARACGAA.&s=96b793e1871f46ee90a8c0b1a8e3e799586be856&bdref=https%3A%2F%2Fibb.co%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fibb.co%2F,https%3A%2F%2Fc51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: ams3-ib.adnxs.com URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QLPFuhPCwAAAwDWAAUBCJjoqKgGEIy0xr76p8-KKxgAKjYJW1oNiXssnT8RjRgsi3ihlz8ZAAAAoJmZBUAhjQ0SBClcDSQAMQkbqMk_MJU2OLUBQKtaSAJQjuLysgFY0ccBYABosDF44PYFgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA2MTc2Mjg4LCAwKTsBFCxpJywgNzQ3NDI2NiwRFCxnJywgMjE2NzY0MDMVFSxjJywgNTY3MjgxMTkVFTByJywgMzc1MTczMzkwBRbwsJICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQQElCHZRSQEH8HlBd0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNVENMblp4U3dRQ2hnQkxkMVdOajh5QTNWdWE3b0RDVUZOVXpNNk5qRTBOdUFEeEVTQUJMbTgtZ3VJQkwyOC1ndVFCQUNZQkFTcUJOVUhDUF9fXyUBIQQERVEBBxEBCEFSahELFF9fXzhCSTYsAABvARYRAQhBVEQRCwUsAE8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAAId1FRpZgFAQhNa0UFCAUBGERZQkFEeEIFDAkBHGlBV0NNS2tGCQ4YQUE4RC14Qh0_CHdRVREbCEFBTS4oAARfUi4oAAAyFSjARHdQLUFGb1Jid0JmT0Nxd3I0QmFEOC1BS0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJnQRVgIHFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaApkBIW5CREhtdzpBByhOSEhBU0FBS0FBeBVqEEFBNkNV3XEUa0RFUkVrDR8MRHdQMT00AEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUREQyER3UHcuLtgC8AbgAmbqAhZodHRwczovL2liYi5jby9NUFFMVzZt8gIRCgZBRFZfSUQSBxprCDDyAhIKBkNQR19JRBIIHlcIGPICCgoFQ1ABFBgBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZAAca2AgA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfBtATCAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDzExNTYzI0FNUzM6NjE0NtoEAggB4AQB8AQSHwogiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFpNoC-gUEAW8okAYAmAYAuAYAwQYBITAAAPA_0Aa1RNoGFgoQCREZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0VZAEmCNoHBgFdwBgA4AcA6gcCCADwB4kBiggCEACVCAAAgD-YCAHACPAG0ggOCIGChIiQoMCAARACGAA.&s=b265e340e1189336151ee354b8a5ec0dcb31b726&pp=ZQo0GAAAvJ4IVQoHAAezmElpHGvbR1R6bVFE1Q&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO9lmGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSKAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrzxq78gY4ieluKLu38rXlzhZHW3chaiylOcRSH_6nF5021szp7fRwLBHX4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FG-tOI4KOxuaGq6N2E3rvh4Itjg%26client%3Dca-pub-3960095709930134%26adurl%3D Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:52 GMT an-x-request-uuid 7e1e090b-1587-427b-9d74-0d0dcd282ef9 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 85.190.232.27; 85.190.232.27; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/239/ Frame 10BD	80 KB 28 KB	134ms 35ms	Script application/x-javascript	151.101.1.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/239/trk.js Requested by Host: ams3-ib.adnxs.com URL: https://ams3-ib.adnxs.com/ab?ro=1&an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QLPFuhPCwAAAwDWAAUBCJjoqKgGEIy0xr76p8-KKxgAKjYJW1oNiXssnT8RjRgsi3ihlz8ZAAAAoJmZBUAhjQ0SBClcDSQAMQkbqMk_MJU2OLUBQKtaSAJQjuLysgFY0ccBYABosDF44PYFgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA2MTc2Mjg4LCAwKTsBFCxpJywgNzQ3NDI2NiwRFCxnJywgMjE2NzY0MDMVFSxjJywgNTY3MjgxMTkVFTByJywgMzc1MTczMzkwBRbwsJICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQQElCHZRSQEH8HlBd0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNVENMblp4U3dRQ2hnQkxkMVdOajh5QTNWdWE3b0RDVUZOVXpNNk5qRTBOdUFEeEVTQUJMbTgtZ3VJQkwyOC1ndVFCQUNZQkFTcUJOVUhDUF9fXyUBIQQERVEBBxEBCEFSahELFF9fXzhCSTYsAABvARYRAQhBVEQRCwUsAE8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAAId1FRpZgFAQhNa0UFCAUBGERZQkFEeEIFDAkBHGlBV0NNS2tGCQ4YQUE4RC14Qh0_CHdRVREbCEFBTS4oAARfUi4oAAAyFSjARHdQLUFGb1Jid0JmT0Nxd3I0QmFEOC1BS0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJnQRVgIHFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaApkBIW5CREhtdzpBByhOSEhBU0FBS0FBeBVqEEFBNkNV3XEUa0RFUkVrDR8MRHdQMT00AEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUREQyER3UHcuLtgC8AbgAmbqAhZodHRwczovL2liYi5jby9NUFFMVzZt8gIRCgZBRFZfSUQSBxprCDDyAhIKBkNQR19JRBIIHlcIGPICCgoFQ1ABFBgBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZAAca2AgA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfBtATCAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOri8EB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDzExNTYzI0FNUzM6NjE0NtoEAggB4AQB8AQSHwogiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULQAAAANgFAeAFAfAFpNoC-gUEAW8okAYAmAYAuAYAwQYBITAAAPA_0Aa1RNoGFgoQCREZAQGdYOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0VZAEmCNoHBgFdwBgA4AcA6gcCCADwB4kBiggCEACVCAAAgD-YCAHACPAG0ggOCIGChIiQoMCAARACGAA.&s=b265e340e1189336151ee354b8a5ec0dcb31b726&pp=ZQo0GAAAvJ4IVQoHAAezmElpHGvbR1R6bVFE1Q&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO9lmGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSKAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrzxq78gY4ieluKLu38rXlzhZHW3chaiylOcRSH_6nF5021szp7fRwLBHX4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FG-tOI4KOxuaGq6N2E3rvh4Itjg%26client%3Dca-pub-3960095709930134%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Expires Wed, 10 Jul 2024 11:56:20 GMT Date Tue, 19 Sep 2023 23:51:52 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 6090932 X-Cache HIT, HIT Connection keep-alive Content-Length 27646 X-Served-By cache-lga21944-LGA, cache-fco2270029-FCO Last-Modified Tue, 11 Jul 2023 11:56:12 GMT Server AkamaiNetStorage X-Timer S1695167513.786645,VS0,VE0 ETag "615fd4ad24a409f4de5416b603f042c1:1689076572.555276" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 42, 1206487
GET H2	200	platforms Show response odb.outbrain.com/utils/ Frame 1C7F	5 KB 3 KB	415ms 258ms	XHR application/json	146.75.122.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://odb.outbrain.com/utils/platforms?contentUrl=https://ibb.co/MPQLW6m&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532 Requested by Host: static.vliplatform.com URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cc82b714bd4147fdc07b4bbce6f5ee8aba3c957da8423d8fdcb90bc45bcc244e Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers x-cache-hits 0, 0 date Tue, 19 Sep 2023 23:51:53 GMT content-encoding br via 1.1 varnish, 1.1 varnish traffic-path NYDC1, LGA, FRA, Europe1 x-cache MISS, MISS x-traceid 0218c262355994c543afa6d4d7859984 content-length 2835 x-served-by cache-lga21957-LGA, cache-fra-etou8220085-FRA x-timer S1695167513.946561,VS0,VE198 vary Accept-Encoding, User-Agent content-type application/json; charset=UTF-8 access-control-allow-origin https://ibb.co access-control-allow-credentials true accept-ranges bytes expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	DISPLAY-728x90.jpg vht.tradedoubler.com/file/331547/2023/0609/ Frame 10BD	68 KB 69 KB	206ms 69ms	Image image/jpeg	13.224.189.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://vht.tradedoubler.com/file/331547/2023/0609/DISPLAY-728x90.jpg Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.189.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-31.fra2.r.cloudfront.net Software Apache / Resource Hash 98c78ee82e04abf6363c875335c4ad56007adcc740b073eae7275e3855f23a3b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Wed, 13 Sep 2023 02:36:29 GMT Strict-Transport-Security max-age=31536000 Via 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront) X-Content-Type-Options nosniff X-Amz-Cf-Pop FRA2-C1 Age 594924 X-Cache Hit from cloudfront Connection keep-alive Content-Length 69971 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Wed, 06 Sep 2023 08:09:14 GMT Server Apache Content-Type image/jpeg Accept-Ranges bytes X-Amz-Cf-Id PNyHRqm_wrgEYqiL6YslwsqT6IQ38CxpUYJKi2-l71Y4TSDqUHDD0g==
GET DATA	200 OK	truncated / Frame 10BD	221 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4830ef8c2c03a9b67aa409813f750f53b22751d54322402aac39f152801d89ee Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Content-Type image/png
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 10BD	0 581 B	61ms 61ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QKxGvRVBTENAAADANYABQEImOioqAYQjLTGvvqnz4orGAAqNgmPJvdVmBOdPxFaZDvfT42XPxkAAACgmZkFQCGNGCyLeKGXPylcWg2JeyydPzEAAACgmZnJPzCVNji1AUCrWkgCUI7i8rIBWNHHAWAAaLAxeOD2BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDqAdUFaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DTzlsbUdEUUtaWjc1QW9lVTFQSVBtT2Vlc0FyUzROZmdiby1rdHBPVENzQ050d0VRQVNBQVlQMktvb1RVRW9JQkYyTmhMWEIxWWkwek9UWXdNRGsxTnpBNU9UTXdNVE0weUFFSjRBSUFxQU1CeUFNQ3FnU0tBa19ReHQtdlcwMEh6b1VmWXVObGJoMzlnUGhYMXJIeUwzUjdhWXRLb3FhOVd0MmdwUnc3ZlBialAwZUd6bjlkOGdUTWt4UlBBMG5HYnp3UmRRQ0tGQ3VJczhSZEM5Z1NidnJPMFZ0aGVOMXhwVjNuRDdjbjMzNnF4aXNtWWZ1TllTRENjNEczdWZHbGoydmRXMHc0RjRjSU0xYWQxUG44VHdnbXZ1Tk10MXpRWl9jQnRsd2ZDclBRUHRGWDN3WEwyMHJJb1loNFVrV09aQ1NZVDJEX1Z6Xzd6Z2tDNEtGbEZ0NlZ4ZXlGVFlWaEJXUlhWTHpoRG9FdEVuMzFvU2dUbXdicjUzZUJMSHd2UGFBZ0Nna0VwZzBRcTg4Sm5lOXlDcF9NWnZnbEVZRnJ6eHE3OGdZNGllbHVLTHUzOHJYbHpoWkhXM2NoYWl5bE9jUlNIXzZuRjUwMjFzenA3ZlJ3TEJIWDRBUUJnQWJ0d2JIMDZQclZqVTZnQmlHb0I2YS1HNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ1VDSURoZ0JBUUFUSUNxZ0k2QW9CQVNMMzl3VHI2Q3dJSUFZQU1BZEFWQVlBWEFRJm51bT0xJnNpZz1BT0Q2NF8wRkctdE9JNEtPeHVhR3E2TjJFM3J2aDRJdGpnJmNsaWVudD1jYS1wdWItMzk2MDA5NTcwOTkzMDEzNCZhZHVybD3wAQCKAmh1ZignYScsIDYxNzYyODgsIDApO3VmKCdpJywgNzQ3NDI2NiwgMCk7dWYoJ2cnLCAyMTY3NjQwMywgMCk7dWYoJ2MnLCA1NjcyODExOSwgMCk7dWYoJ3InLCAzNzUxNzMzOTAsIDApO5ICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVRDTG5aeFN3UUNoZ0JMZDFXTmo4eUEzVnVhN29EQ1VGTlV6TTZOakUwTnVBRHhFU0FCTG04LWd1SUJMMjgtZ3VRQkFDWUJBU3FCTlVIQ1BfX19fX19fX19fX3dFUV9fX19fX19fX19fX0FSal9fX19fX19fX19fOEJJUF9fX19fX19fX19fd0VvX18RKhBfX0FURBkNEF84Qk9QHQ8Id0ZBHQ4MX0FVah0PCDhCVTYsAABZHR0IX0FXNlgAAGE2LAAAdzIsAABYNlgACGdBSB0fCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMOgABNhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAkEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQ6AAI2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWDoAATYQAABrOhAAAG06EAAMd1FRQRUBCE1rRRUMHEFEWUJBRHhCGREgQWlBV0NNS2tGERMQOEQteEIdPwh3UVURGwhBQU0uKAAEX1IuKAAAMhUowER3UC1BRm9SYndCZk9DcXdyNEJhRDgtQUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCZ0EVYCBxQVlFc2dZa0MdgABFHQwARx0MAEkdDKB1QVlLmgKZASFuQkRIbXdpM3RJWWJFSTdpOHJJQkdOSEhBU0FBS0FBeBVqVEFBNkNVRk5Vek02TmpFME5rREVSRWsNHwxEd1AxPTQARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERBARHdQdy4u2ALwBuACZuoCFmgaKwvw7WliYi5jby9NUFFMVzZtgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDq4vBAeADAOgDAPgDA4AEAJIEBC91YXCYBACiBA04NS4xOTAuMjMyLjI3qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjQU1TMzo2MTQ22gQCCAHgBAHwBI7i8rIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpNoC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrVE2gYWChAAAAAAAAAFFgUBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PYF0gcNFWQBJgjaBwYJzLjgBwDqBwIIAPAHiQGKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=f0ec767daed5e452f94a4e42a5cea6787a913f14&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=728&bh=90&sid=2527564951534769251&vd=ct~0|rr~0&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=6933&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:52 GMT an-x-request-uuid b635c647-90ed-46f1-9571-3019fdc6769d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 85.190.232.27; 85.190.232.27; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 10BD	0 0	106ms 105ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C2EgiGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSHAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrz1i505T6LRMDvEHDRyu8SqBDeH2lYwK94GbURnobl7cazgxoD5nk4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzk2MDA5NTcwOTkzMDEzNBjSrm0&sigh=iBeEgNYybZA&uach_m=[UACH]&cid=CAQSSwBpAlJWYiEkSiNkWZnjVIALjgcFCeNkDSxR31fEXzNCrMU99N4aZGaPgdpeOXfSsZ2P-QCrp4f0GfkaCDHUsZLbwhQ8L0X2AfpfrhgB&cbvp=2&vis=1 Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame 10BD	0 531 B	61ms 61ms	Image text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QLIFOhICgAAAwDWAAUBCJjoqKgGEIy0xr76p8-KKxgAKjYJW1oNiXssnT8RjRgsi3ihlz8ZAAAAoJmZBUAhjQ0SBClcDSQAMQkbqMk_MJU2OLUBQKtaSAJQjuLysgFY0ccBYABosDF44PYFgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA2MTc2Mjg4LCAwKTsBFCxpJywgNzQ3NDI2NiwRFCxnJywgMjE2NzY0MDMVFSxjJywgNTY3MjgxMTkVFTByJywgMzc1MTczMzkwBRbwsJICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQQElCHZRSQEH8HlBd0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNVENMblp4U3dRQ2hnQkxkMVdOajh5QTNWdWE3b0RDVUZOVXpNNk5qRTBOdUFEeEVTQUJMbTgtZ3VJQkwyOC1ndVFCQUNZQkFTcUJOVUhDUF9fXyUBIQQERVEBBxEBCEFSahELFF9fXzhCSTYsAABvARYRAQhBVEQRCwUsAE8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EAAId1FRpZgFAQhNa0UFCAUBGERZQkFEeEIFDAkBHGlBV0NNS2tGCQ4YQUE4RC14Qh0_CHdRVREbCEFBTS4oAARfUi4oAAAyFSjARHdQLUFGb1Jid0JmT0Nxd3I0QmFEOC1BS0NCZ05WVTBTSUJnU1FCZ0dZQmdDaEJnQRVgIHFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaApkBIW5CREhtdzpBByhOSEhBU0FBS0FBeBVqEEFBNkNV3XEUa0RFUkVrDR8MRHdQMT00AEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUREQ8N5Ed1B3Li7YAvAG4AJm6gIWaHR0cHM6Ly9pYmIuY28vTVBRTFc2bYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA6uLwQHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQPMTE1NjMjQU1TMzo2MTQ22gQCCAHgBAHwBI7i8rIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpNoC-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0Aa1RNoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-D2BdIHDQkRKAEmDNoHBggFCbjgBwDqBwIIAPAHiQGKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=08e86b97b5390ac7cb9d25178a9a242f80cc2729&pp=ZQo0GAAAvJ4IVQoHAAezmElpHGvbR1R6bVFE1Q&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO9lmGDQKZZ75AoeU1PIPmOeesArS4Nfgbo-ktpOTCsCNtwEQASAAYP2KooTUEoIBF2NhLXB1Yi0zOTYwMDk1NzA5OTMwMTM0yAEJ4AIAqAMByAMCqgSKAk_Qxt-vW00HzoUfYuNlbh39gPhX1rHyL3R7aYtKoqa9Wt2gpRw7fPbjP0eGzn9d8gTMkxRPA0nGbzwRdQCKFCuIs8RdC9gSbvrO0VtheN1xpV3nD7cn336qxismYfuNYSDCc4G3ufGlj2vdW0w4F4cIM1ad1Pn8TwgmvuNMt1zQZ_cBtlwfCrPQPtFX3wXL20rIoYh4UkWOZCSYT2D_Vz_7zgkC4KFlFt6VxeyFTYVhBWRXVLzhDoEtEn31oSgTmwbr53eBLHwvPaAgCgkEpg0Qq88Jne9yCp_MZvglEYFrzxq78gY4ieluKLu38rXlzhZHW3chaiylOcRSH_6nF5021szp7fRwLBHX4AQBgAbtwbH06PrVjU6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0FG-tOI4KOxuaGq6N2E3rvh4Itjg%26client%3Dca-pub-3960095709930134%26adurl%3D&cbvp=2 Requested by Host: c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com URL: https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:53 GMT an-x-request-uuid 61a061a6-17d7-45dc-935c-d8171c16834e server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 85.190.232.27; 85.190.232.27; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	ob_logo_16x16.svg widgets.outbrain.com/images/widgetIcons/ Frame 46D3	13 KB 14 KB	204ms 54ms	Image image/svg+xml	184.30.17.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers expires Thu, 19 Oct 2023 23:51:53 GMT date Tue, 19 Sep 2023 23:51:53 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 13687 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 46D3	990 B 1 KB	203ms 53ms	Image image/svg+xml	184.30.17.67 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-67.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers expires Thu, 19 Oct 2023 23:51:53 GMT date Tue, 19 Sep 2023 23:51:53 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	eyJpdSI6ImVmYWQxZGIxODc3YWU3ZTJlNjk4YjEyZTE4N2RjZTljMmYwYTIxN2I4OTdjOGE3NTU3MGQwNWE5ZGRmYTAwMjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp images.outbrainimg.com/transform/v3/ Frame 46D3	10 KB 10 KB	174ms 52ms	Image image/webp	2.18.161.178 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVmYWQxZGIxODc3YWU3ZTJlNjk4YjEyZTE4N2RjZTljMmYwYTIxN2I4OTdjOGE3NTU3MGQwNWE5ZGRmYTAwMjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-161-178.deploy.static.akamaitechnologies.com Software / Resource Hash 126c11c64e3f9349bf18e639ed3383fcdd7c6495f7e6b1c362e040a98b25b83a Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:53 GMT last-modified Wed, 06 Sep 2023 12:41:27 GMT access-control-allow-methods GET,POST content-type image/webp access-control-allow-origin * cache-control max-age=1380395 access-control-allow-credentials false x-traceid df70a156e10a0482a7b5664bc3946c46 timing-allow-origin *, * content-length 10230
GET H/1.1	200 OK	l mcdp-nydc1.outbrain.com/ Frame 1C7F	2 B 278 B	577ms 139ms	Image text/plain	70.42.32.255 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://mcdp-nydc1.outbrain.com/l?token=c72b5797605c55e2067825dfebfd3b52_198067_1695167513098 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Date Tue, 19 Sep 2023 23:51:53 GMT content-encoding br X-TraceId 23de1eb44a6ae52d9e1c46f335d03593 Content-Length 6 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	log-viewability log.outbrainimg.com/loggerServices/ Frame 1C7F	4 B 325 B	578ms 139ms	Image application/json	70.42.32.255 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/log-viewability?requestId=c72b5797605c55e2067825dfebfd3b52&position=0 Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers Pragma no-cache Date Tue, 19 Sep 2023 23:51:53 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId e7a1a6e4795fcce908081918acde3edb Content-Length 4 Expires 0
GET H3	200	cc.jpeg px.vliplatform.com/iv-v4/	0 488 B	188ms 188ms	Image image/jpeg	172.67.158.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-eayqwTyA-aqYA-PKtK-qYtw-BBPUeKTqTryMRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNTTTPBARleNplR_yszuNyqslt Requested by Host: ibb.co URL: https://ibb.co/MPQLW6m Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:53 GMT cf-cache-status MISS last-modified Tue, 19 Sep 2023 23:51:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx%2Bt1X5UXQJdxniDDa%2F6wnVrsXiVnJRmNIybDhLA4XSzgmQGsvKqnCZfL7rVD%2F5RGuVG5FAOJL5sj2WR1jjnyjPU1ilD3gs3c7Iv%2B%2BFnHSXins1xDZ5s6IXnOw9o7zUaenDfnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=864000, immutable accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 8095bd404dfe00c6-CDG content-length 0 alt-svc h3=":443"; ma=86400
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 10BD	0 581 B	62ms 61ms	Ping text/html	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fibb.co%2FMPQLW6m&e=wqT_3QKxGvRVBTENAAADANYABQEImOioqAYQjLTGvvqnz4orGAAqNgmPJvdVmBOdPxFaZDvfT42XPxkAAACgmZkFQCGNGCyLeKGXPylcWg2JeyydPzEAAACgmZnJPzCVNji1AUCrWkgCUI7i8rIBWNHHAWAAaLAxeOD2BYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDqAdUFaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L2FjbGs_c2E9TCZhaT1DTzlsbUdEUUtaWjc1QW9lVTFQSVBtT2Vlc0FyUzROZmdiby1rdHBPVENzQ050d0VRQVNBQVlQMktvb1RVRW9JQkYyTmhMWEIxWWkwek9UWXdNRGsxTnpBNU9UTXdNVE0weUFFSjRBSUFxQU1CeUFNQ3FnU0tBa19ReHQtdlcwMEh6b1VmWXVObGJoMzlnUGhYMXJIeUwzUjdhWXRLb3FhOVd0MmdwUnc3ZlBialAwZUd6bjlkOGdUTWt4UlBBMG5HYnp3UmRRQ0tGQ3VJczhSZEM5Z1NidnJPMFZ0aGVOMXhwVjNuRDdjbjMzNnF4aXNtWWZ1TllTRENjNEczdWZHbGoydmRXMHc0RjRjSU0xYWQxUG44VHdnbXZ1Tk10MXpRWl9jQnRsd2ZDclBRUHRGWDN3WEwyMHJJb1loNFVrV09aQ1NZVDJEX1Z6Xzd6Z2tDNEtGbEZ0NlZ4ZXlGVFlWaEJXUlhWTHpoRG9FdEVuMzFvU2dUbXdicjUzZUJMSHd2UGFBZ0Nna0VwZzBRcTg4Sm5lOXlDcF9NWnZnbEVZRnJ6eHE3OGdZNGllbHVLTHUzOHJYbHpoWkhXM2NoYWl5bE9jUlNIXzZuRjUwMjFzenA3ZlJ3TEJIWDRBUUJnQWJ0d2JIMDZQclZqVTZnQmlHb0I2YS1HNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ1VDSURoZ0JBUUFUSUNxZ0k2QW9CQVNMMzl3VHI2Q3dJSUFZQU1BZEFWQVlBWEFRJm51bT0xJnNpZz1BT0Q2NF8wRkctdE9JNEtPeHVhR3E2TjJFM3J2aDRJdGpnJmNsaWVudD1jYS1wdWItMzk2MDA5NTcwOTkzMDEzNCZhZHVybD3wAQCKAmh1ZignYScsIDYxNzYyODgsIDApO3VmKCdpJywgNzQ3NDI2NiwgMCk7dWYoJ2cnLCAyMTY3NjQwMywgMCk7dWYoJ2MnLCA1NjcyODExOSwgMCk7dWYoJ3InLCAzNzUxNzMzOTAsIDApO5ICvQ4hOFlBdWFRaTN0SVliRUk3aThySUJHQUFnMGNjQk1BRTRBRUFBU0t0YVVKVTJXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBYjB3VmlLZkxKMF93UUc5TUZZaW55eWRQOGtCQUFBQW9Odks1al9aQVFBQUFBQUFBUEFfNEFIYW1NZ0Q5UUh5Wk9rOG1BSUFvQUlBdFFJQUFBQUF2UUlBQUFBQXdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVRDTG5aeFN3UUNoZ0JMZDFXTmo4eUEzVnVhN29EQ1VGTlV6TTZOakUwTnVBRHhFU0FCTG04LWd1SUJMMjgtZ3VRQkFDWUJBU3FCTlVIQ1BfX19fX19fX19fX3dFUV9fX19fX19fX19fX0FSal9fX19fX19fX19fOEJJUF9fX19fX19fX19fd0VvX18RKhBfX0FURBkNEF84Qk9QHQ8Id0ZBHQ4MX0FVah0PCDhCVTYsAABZHR0IX0FXNlgAAGE2LAAAdzIsAABYNlgACGdBSB0fCDhCaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMOgABNhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAkEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQ6AAI2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWDoAATYQAABrOhAAAG06EAAMd1FRQRUBCE1rRRUMHEFEWUJBRHhCGREgQWlBV0NNS2tGERMQOEQteEIdPwh3UVURGwhBQU0uKAAEX1IuKAAAMhUowER3UC1BRm9SYndCZk9DcXdyNEJhRDgtQUtDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCZ0EVYCBxQVlFc2dZa0MdgABFHQwARx0MAEkdDKB1QVlLmgKZASFuQkRIbXdpM3RJWWJFSTdpOHJJQkdOSEhBU0FBS0FBeBVqVEFBNkNVRk5Vek02TmpFME5rREVSRWsNHwxEd1AxPTQARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERBARHdQdy4u2ALwBuACZuoCFmgaKwvw7WliYi5jby9NUFFMVzZtgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDq4vBAeADAOgDAPgDA4AEAJIEBC91YXCYBACiBA04NS4xOTAuMjMyLjI3qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjQU1TMzo2MTQ22gQCCAHgBAHwBI7i8rIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpNoC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrVE2gYWChAAAAAAAAAFFgUBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PYF0gcNFWQBJgjaBwYJzLjgBwDqBwIIAPAHiQGKCAIQAJUIAACAP5gIAcAI8AbSCA4IgYKEiJCgwIABEAIYAA..&s=f0ec767daed5e452f94a4e42a5cea6787a913f14&type=pv&jm=1140|1141|1003&px=0&py=0&bw=728&bh=90&sf=1&sid=2527564951534769251&vd=ct~0|rr~6&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=6933&cid=3&cr=pv&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:53 GMT an-x-request-uuid e9bceae5-83fe-4aa3-a150-bcdb88a258f4 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 85.190.232.27; 85.190.232.27; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	254ms 117ms	XHR application/json	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash e58edb88755bff42fabd6e6782f3c5e97b58ea9d80f51f5b37d4304fbff64da0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12039 x-xss-protection 0
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 468 B	192ms 184ms	Image image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid 7f6e52b7-5be1-4519-9651-77f6b38bfa4b server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjTVogbAAHNdjzjXJuO1Ec5JCG5FvSPp%2F8ZlmweciicvZRDXs17QyHCXg8WYJKhDWsdv8rpKloF717OjkNufgcwuS0ozzPV9lyx3UfaGdamJaKbL2MU87DB%2FfmJzwDC6yh53JgPqzi35AQQ%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 8095bd436950029c-CDG access-control-allow-headers * alt-svc h3=":443"; ma=86400
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 10BD	42 B 404 B	202ms 101ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0QAsc8kBVPuQsoyMhva7L_WQymOqPqFqLccBDEWM4Gq1seklvNpKKlt7mAxlFVUmtUNOabErILBZY0WChlOjYFsQj2gi_D_BuWUbT&sig=Cg0ArKJSzDKJGazffSE6EAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3672933460&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695167512374&rpt=758&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers pragma no-cache date Tue, 19 Sep 2023 23:51:54 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	63ms 62ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 19 Sep 2023 23:51:54 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A0E	13 KB 5 KB	54ms 52ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers accept-ranges bytes age 22784 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 17:32:10 GMT expires Wed, 18 Sep 2024 17:32:10 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6861	829 B 1 KB	199ms 71ms	Document text/html	142.250.185.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f4.1e100.net Software GSE / Resource Hash 8c9602ba49c5d34f6b11a27b7176bb56616b263049c427feb16009b05b86b733 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--N8qnHpbJlGDRz23GNBl_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 538 content-security-policy script-src 'report-sample' 'nonce--N8qnHpbJlGDRz23GNBl_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 19 Sep 2023 23:51:54 GMT expires Tue, 19 Sep 2023 23:51:54 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response pagead2.googlesyndication.com/bg/ Frame 0A0E	37 KB 14 KB	157ms 52ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 22:57:13 GMT content-encoding br x-content-type-options nosniff age 3281 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14739 x-xss-protection 0 last-modified Mon, 11 Sep 2023 20:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Sep 2024 22:57:13 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6861	0 0	85ms 85ms	Image text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=1979321753368533&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 0A0E	0 10 B	57ms 57ms	Image text/plain	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?I6jD1Q Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers date Tue, 19 Sep 2023 23:51:54 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	89ms 88ms	Image text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=1979321753368533&bg=!-fql-rXNAAbP3fMH7907ADQBe5WfOLyyGHWEDwgLPsE3XTcbaz1fkrPB65NApliZDx3LXBodeDkUYz9lfYvVvqSVQzfoAgAAAF5SAAAACGgBB5kCsWz3Sr5Ckx0UncnwYuPv2nQf_Y2LYDY1t3bCuNtTKk2RUyif0QzRBAWssYeKdiuCPe6x32r2S0BNs4-hDK9NW9ts_uVP9nFpB3pXJ93Rf0qjb7D3pVf0KnZww-393mORac-25r-xk2D0cEE-DZVHta3M1CFltZQY6dWXUEtRuaBg-7EL2SveZjd28XUpnp3pfQ6I5ZtjXf1TzEqc60i42uircCRiPPgKlrSsxBaNNLMKW8TyFbh6stiznhEtkFPn7lRtpccL_WWGQpQkO2cDxG9Ie00R-SBIv3lOQ3RxqrkC1vEIq7UPL-WYmBy3rVjFJ_E9eAcX15tS1VKLngZR5OM2AcubCoZuj_-ui7O2PfGpDx8pzIJh_goKrXggmVMziyw8l-URj4zQXP65wgoDtQdDm1fLFJ3CDgY6X-riJy5rKfFJXW1ZT3VQ3RrLtkHou3QwqUj_Hqa_6930_TlkrOhDGkJM3gHU8HVRL4PXTmEWtV_8Srhe4FBRWPlyx3IBPSxk78LvLTsTzaHVd-O9UX50gXy6hey1eme14OELdoKply5tc3Kdgn5PhaKoGyViZQCPVzVUbDpzR-mw9rO8EM9hHr3jouXx_vSsEqq8nlAnzYjx6a_ewK3bicvkEQE6w1y7ZSHMaSYnky7fibuAV6GGzMERQgishr1KRp98ubc-GLdCqNBxH55k31B3uKm4z0cKCvFDxh7FbYxe_2dYCVBGF38m40dM5SdWDuqXS4YA6Y9IYC0prNBHtCc6kFU3i9-Zu5Vq9TxfFh2fnhvest4UuCdOdifJgNO5rU7t7x6eKSnLxTAG-3llSdu0Pm5j7tmZ9KOQvNY1iT_Wz7JHA69WmsJ87QuUyCBvti7oiLhzqeMfHiqmhgcNUOKtV-Rans7Kd0ZuAj4OPVcyOxIIpacN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language it-IT,it;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com

URL

https://c51d4dfe96c8411fa6426238f9bfcf50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html