urlscan.io logo urlscan.io
SecurityTrails logo

ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

Go To Rescan Add Verdict Report
URL: https://ibb.co/b3qmNfr
Submission: On August 19 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 49 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 10903.
TLS certificate: Issued by R3 on August 10th 2023. Valid for: 3 months.
This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
ibb.co
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)
simgbb.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.usefulcontentsites.com
c.usefulcontentsites.com
8    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
media.vlitag.com
2    162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu
i.ibb.co
3    93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
pt.protoawe.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
4    93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
pt-static2.awepsljan.com
pt-static4.awepsljan.com
pt-static3.awepsljan.com
pt-static5.awepsljan.com
8    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
4    93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
galleryn1.vcmdiawe.com
galleryn0.vcmdiawe.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4001:23::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5edndk.googlevideo.com
Apex Domain
Subdomains		 Transfer
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
150 KB
8 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 30417
assets.vlitag.com — Cisco Umbrella Rank: 45410
media.vlitag.com — Cisco Umbrella Rank: 62396
441 KB
5 simgbb.com
simgbb.com — Cisco Umbrella Rank: 208509
139 KB
4 vcmdiawe.com
galleryn1.vcmdiawe.com — Cisco Umbrella Rank: 24551
galleryn0.vcmdiawe.com — Cisco Umbrella Rank: 20306
108 KB
4 awepsljan.com
pt-static2.awepsljan.com
pt-static4.awepsljan.com
pt-static3.awepsljan.com
pt-static5.awepsljan.com
122 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
64 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
155 KB
3 protoawe.com
pt.protoawe.com
9 KB
3 ibb.co
ibb.co — Cisco Umbrella Rank: 10903
i.ibb.co — Cisco Umbrella Rank: 11172
248 KB
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 788
r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 294712
995 B
2 usefulcontentsites.com
cdn.usefulcontentsites.com — Cisco Umbrella Rank: 129606
c.usefulcontentsites.com — Cisco Umbrella Rank: 49796
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
imasdk.googleapis.com — Cisco Umbrella Rank: 600
124 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
1 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1491
377 B
1 gstatic.com
fonts.gstatic.com
48 KB
49 16
Domain Requested by
8 www.googletagmanager.com pt.protoawe.com
www.googletagmanager.com
ibb.co
5 simgbb.com ibb.co
simgbb.com
4 services.vlitag.com ibb.co
services.vlitag.com
3 galleryn0.vcmdiawe.com pt.protoawe.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
3 assets.vlitag.com services.vlitag.com
ibb.co
3 pt.protoawe.com ibb.co
2 i.ibb.co ibb.co
1 c.usefulcontentsites.com
1 r5---sn-4g5edndk.googlevideo.com ibb.co
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 cdn.jsdelivr.net assets.vlitag.com
1 www.google-analytics.com www.googletagmanager.com
1 galleryn1.vcmdiawe.com pt.protoawe.com
1 imasdk.googleapis.com services.vlitag.com
1 pt-static5.awepsljan.com pt.protoawe.com
1 pt-static3.awepsljan.com pt.protoawe.com
1 pt-static4.awepsljan.com pt.protoawe.com
1 pt-static2.awepsljan.com pt.protoawe.com
1 cm.mgid.com cdn.usefulcontentsites.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.usefulcontentsites.com ibb.co
1 fonts.googleapis.com ibb.co
1 ibb.co
49 26

This site contains links to these domains. Also see Links.

Domain
imgbb.com
api.imgbb.com
i.ibb.co
Subject Issuer Validity Valid
ibb.co
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
simgbb.com
GTS CA 1P5		 2023-08-12 -
2023-11-10		 3 months crt.sh
usefulcontentsites.com
GTS CA 1P5		 2023-06-27 -
2023-09-25		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
pt.aweproto.com
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
pt-static1.awepsljan.com
R3		 2023-06-28 -
2023-09-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.vcmdiawe.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-02 -
2024-05-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ibb.co/b3qmNfr
Frame ID: 91C8350534CD77FFCD624A4ED27A66EC
Requests: 30 HTTP requests in this frame

Frame: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Frame ID: E8B1705C73F7D2057EB3D31299E87A50
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IMG-2942 hosted at ImgBB — ImgBB

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

49
Requests

98 %
HTTPS

68 %
IPv6

16
Domains

26
Subdomains

18
IPs

4
Countries

1633 kB
Transfer

4313 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pl=22&spc=UWF9f3t4TF7zrxaSUKzYzMPHyz7CCKJP-tUKllJj7A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EVNJwbO1l23X5dXeQBcVwyEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1692412709&fvip=3&keepalive=yes&fexp=24007246%2C24363391&beids=24350018&c=WEB&txp=6216224&n=KEzgwYlDK9Tfwm8QY2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJKvIjT1aeyK4KH-FJD1Em9YLZnyJ_JD6c_BCHI8gjJnAiA9WmQbl3XeQaqf9rl4BM5ljbfI_i63aXpzHaMJMxQ07g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgBD6T7f4TDkmyGhbNx6kj5yfzWiLqm2ybGrJEs7-spZICIHwqZtCHciDU8URfdQjveZYdJO9Iw51tNoSFG_kk2lFb HTTP 302
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f3t4TF7zrxaSUKzYzMPHyz7CCKJP-tUKllJj7A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EVNJwbO1l23X5dXeQBcVwyEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&beids=24350018&c=WEB&txp=6216224&n=KEzgwYlDK9Tfwm8QY2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJKvIjT1aeyK4KH-FJD1Em9YLZnyJ_JD6c_BCHI8gjJnAiA9WmQbl3XeQaqf9rl4BM5ljbfI_i63aXpzHaMJMxQ07g%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::3&mm=31&mn=sn-4g5edndk&ms=au&mt=1692413592&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMjEM6KGX0rIWYU0e2LCYg600ymLkTAc53zzYr2KAx97AiBcM2-flU8hQ9PwOk2DoQHCgIuWM3yrU6yUTx-g3EK5zw%3D%3D

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request b3qmNfr
ibb.co/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6506c4d2f51b0f1a42b9b00101c740d30dfc84d7b0f4f661547636d734b0360f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Aug 2023 02:57:51 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
DENY DENY
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
406982b8ecdd220a552875f3e7c224f577034e04d5d4e4da90ca5e4fed066e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 19 Aug 2023 01:50:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Aug 2023 02:57:51 GMT
ibb.css
simgbb.com/2801/ 		115 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://simgbb.com/2801/ibb.css
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 10:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4614
etag
W/"63db96ac-1cd5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEd8EF8zJiyLCmx%2Fx8E75wXB6zB1RLDwj%2FcWka7BHK1F0fk9oj35dwYr%2BZSBlR3feU00u9fi9P4cFMFZ20mRoyNkcF%2FmwVnUTyr%2B2NjMLe3FrWOSM%2FT4e0tbIHq2TOPEOT0aqk%2F15YRr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f8f21a6ec4218d9-FRA
alt-svc
h3=":443"; ma=86400
subscribe.js
cdn.usefulcontentsites.com/js/push/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Sat, 19 Aug 2023 02:57:51 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VS7TN78P7PZG3N8M
age
3494
x-cached-since
2023-07-10T00:58:07+00:00
x-id-fe
fr5-hw-edge-gc16
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Y2smqfI1RUPooDAuiY15hgXRsbykfDSmwgAKbOj7v1c4J3O7pA/lxKrtdriUzsAmeolngow7I08=
last-modified
Wed, 30 Mar 2022 12:06:36 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag
W/"531a7e657aea171bbfa47a0c45adfede"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLKEKQtTqin8BuWgXWP9lY2nH%2FjFxCP75BYibntD9tNPNsTsW5XltXa8XMj0%2Frj2YbZ5UxNamtpIbmM9oYiPWoYFNZzNYsk7Dxi1fcXAPIUqchDMLyGwST4tPf2WnIngM4gWpsILueKeyvo7TwRR0CTIyI2zost0hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cache
STALE
cf-ray
7f8f21a77e764dcd-FRA
/
services.vlitag.com/adv1/ 		576 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfab3ba542048240c70d2e8603c4b7b81711e0fedb2d7a84b70ae217c5dd438c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
360
cf-polished
origSize=589336
etag
W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-08-18T03:49:11 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8f21a76db05c2c-FRA
alt-svc
h3=":443"; ma=86400
logo.png
simgbb.com/images/ 		938 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simgbb.com/images/logo.png
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 10:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4809
etag
"63db96ac-3aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hzf%2FA6yamA6%2BGG3YKK8hFiRBb%2B%2F4rdfjVzcH6gBCqZRepvTJ81Vsh50UDb40RFg0faGK7Q4fNVmZWNnqEp2nBHVx6Qi6Tj%2BtTXw%2FkDvhlfV52gpZu5tIYoehwG9ZP1%2FvJGlLgUz8Hvq8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f8f21a73c7b18d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
938
IMG-2942.jpg
i.ibb.co/GJBpChV/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/GJBpChV/IMG-2942.jpg
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096358.ip-162-19-58.eu
Software
nginx /
Resource Hash
9533bd889192d7eb328aa4793fa850855dbb802000059fdd1f1990fb1f5c37a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
last-modified
Sat, 19 Aug 2023 02:41:38 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
101225
expires
Thu, 31 Dec 2037 23:55:55 GMT
script
pt.protoawe.com/cifra/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:04 GMT
cache-control
no-cache
x-ud-id
oX0JA/7yt
server
unknown
x-cache-status
R-HIT
content-type
application/javascript
jquery2.js
simgbb.com/2801/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simgbb.com/2801/jquery2.js
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 10:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1838
etag
W/"63db96ac-1c65d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eepbPk6v06o9geQ9luX1uyaBlfxG4mUbz6u3x7n1%2BDH%2B%2FCcUyzPE4VrTjxpVJ5L59N7JLv%2FDjwtQK0jsNKshuFLjtAaAYqL93zGQ4ykPjKqGQPf2WO5QJZC7kSbr6KsEhTeG%2FrD7DJ%2F5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f8f21a73c7c18d9-FRA
alt-svc
h3=":443"; ma=86400
ibb.js
simgbb.com/2801/ 		215 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simgbb.com/2801/ibb.js
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 17:15:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4511
etag
W/"64c93db0-35a95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9E544BjDKQCvxtNicoh6E1uDlgjxHJc30W4%2Fuj3s7XqqaYajlHmgehd%2BTuxS1sEshIIZvHGQaaBh57KWn57dCnnPGUeVVkvRJRTfrA8%2BT704Dhk8vQTJsCeRTIeH2qf4XcNBZTw%2BeHH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f8f21a73c7d18d9-FRA
alt-svc
h3=":443"; ma=86400
cifra
pt.protoawe.com/ Frame E8B1 		27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
3c0c1360e75572f93c53127c4d4a3a5969db23f0c93e4c66d949a41b5b6a79cf

Request headers

Referer
https://ibb.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Aug 2023 02:57:51 GMT
server
unknown
vary
Accept-Encoding
x-cache-status
R-MISS
x-ud-id
VOE9y/moz
imgbb.woff2
simgbb.com/fonts/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://simgbb.com/fonts/imgbb.woff2
Requested by
Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer
https://simgbb.com/2801/ibb.css
Origin
https://ibb.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2975
alt-svc
h3=":443"; ma=86400
content-length
8468
last-modified
Thu, 02 Feb 2023 10:55:40 GMT
server
cloudflare
etag
"63db96ac-2114"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klHbn0NT6aPeWVjIHmeHCwoL8FhgwywqTTIUEfq2bH1lMOJE%2BKFhtYYdvs136mTIHXUlljIS85BtMY9KV03BkDLzny63fFq6iU2HvC3BYW5KumGryP33EdhEDkLHK%2B5QnZEw1a9DlOky"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7f8f21a78b6a4d93-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ibb.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
10368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 00:05:03 GMT
IMG-2942.jpg
i.ibb.co/j5Bf3pL/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/j5Bf3pL/IMG-2942.jpg
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096358.ip-162-19-58.eu
Software
nginx /
Resource Hash
df8f4a00c389b04bb7046625b4852b7f307f85f3c703ca06b9ebf572bdf5b7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
last-modified
Sat, 19 Aug 2023 02:41:38 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
145737
expires
Thu, 31 Dec 2037 23:55:55 GMT
js-cookie-muidn
cm.mgid.com/ 		0
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/js-cookie-muidn
Requested by
Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7f8f21a82cde2bdc-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json
services.vlitag.com/cli/ 		42 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6637e59147dcc379f85d6d0b432c2d4e431e314ae5a642bb7c7ae6c9c8ff81b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibb.co
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8f21a83ba8367e-FRA
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
di.min-v795780.js
pt-static2.awepsljan.com/npe/_common/script/incognito/ Frame E8B1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-static2.awepsljan.com/npe/_common/script/incognito/di.min-v795780.js
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 12:19:28 GMT
server
unknown
etag
W/"64d62750-d47"
x-cache-status
R-HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 02 Sep 2023 02:57:51 GMT
advertisement-v795780.js
pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame E8B1 		21 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v795780.js
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
last-modified
Fri, 11 Aug 2023 12:19:28 GMT
server
unknown
etag
"64d62750-15"
x-cache-status
R-HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21
expires
Sat, 02 Sep 2023 02:57:51 GMT
cifra-v795780.css
pt-static3.awepsljan.com/npe/cifra/styles/ Frame E8B1 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pt-static3.awepsljan.com/npe/cifra/styles/cifra-v795780.css
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
1c415650a2aa6f716a4ec6438530c949a1486ed3e628dbdcc296893f2eac6e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 12:19:28 GMT
server
unknown
etag
W/"64d62750-41f3"
x-cache-status
R-HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 02 Sep 2023 02:57:51 GMT
cifrafk-v795780.js
pt-static5.awepsljan.com/npe/cifra/script/ Frame E8B1 		323 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt-static5.awepsljan.com/npe/cifra/script/cifrafk-v795780.js
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 12:19:28 GMT
server
unknown
etag
W/"64d62750-50a28"
x-cache-status
R-HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
expires
Sat, 02 Sep 2023 02:57:51 GMT
gtm.js
www.googletagmanager.com/ Frame E8B1 		212 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c36a51a5e9c6c36af802c675fcec1d27366ebfa39cb46ca60c0bf2c37cb42202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73102
x-xss-protection
0
last-modified
Sat, 19 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Aug 2023 02:57:51 GMT
vl.json
services.vlitag.com/vld/1692331386/ 		13 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1692331386/vl.json?page_url=https%3A%2F%2Fibb.co%2Fb3qmNfr
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
MISS
last-modified
Sat, 19 Aug 2023 02:57:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibb.co
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8f21a93c96bb3b-FRA
content-length
13
alt-svc
h3=":443"; ma=86400
8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json
services.vlitag.com/obj/1692331386/ 		29 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1692331386/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ec0b11288716fa808e7c034abeee7b94bf61954a75ce917737196c6f3cd91e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 08:01:47 GMT
server
cloudflare
age
68119
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibb.co
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
7f8f21a93c97bb3b-FRA
alt-svc
h3=":443"; ma=86400
prebid-7.48.0.js
assets.vlitag.com/prebid/default/ 		561 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 08 May 2023 07:36:47 GMT
server
cloudflare
age
68161
cf-polished
origSize=575587
etag
W/"6458a68f-8c863"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
7f8f21a9af1b5c2c-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 08:31:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9364d2da9aefdcaf32cf910df66e1a750895ac91bdc57f30940b19113c5c3b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28515
x-xss-protection
0
server
cafe
etag
629 / 19588 / 31077163 / config-hash: 4570674370816517536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 19 Aug 2023 02:57:51 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		354 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124775
x-xss-protection
0
expires
Sat, 19 Aug 2023 02:57:51 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
68161
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
7f8f21a9af1c5c2c-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 18 Aug 2023 08:31:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		247 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a98bbedfe137634d13583cfe8f3c45c2619a3b000e5040a2d278e34113a7e718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:49:40 GMT
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 14:49:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
492
x-amz-server-side-encryption
AES256
etag
W/"18d224f28cc64cc090497710b99f69ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
IyCHHPcSJnHJTq_06TSB3rvpm4A15NQO1NJp9aCDoHtoB0V3_cfVkg==
70a668febf99be3ee2df6bbc7394c418_glamour_460x345.jpg
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame E8B1 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/70a668febf99be3ee2df6bbc7394c418_glamour_460x345.jpg?cno=72fe
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
c64230421367c3d4edb6b2f504e434520eeb1a5df3d9c1b8f79e9a9012e96e84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jun 2023 07:05:26 GMT
server
unknown
etag
"06f04f11bea063955b57334af13d8e82"
x-cache-status
R-HIT
content-type
image/jpeg
access-control-allow-origin
*
x-cache-source
Origin
cache-control
max-age=1209600
x-real-source
-
accept-ranges
bytes
content-length
35211
expires
Sat, 02 Sep 2023 02:57:51 GMT
97c9c396206c88f0c64c1393f0276c32_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f19/ Frame E8B1 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f19/97c9c396206c88f0c64c1393f0276c32_glamour_460x345.jpg?cno=42ae
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
389db2b2d7942f809a3ba9bd78e5142b2904cbce7e246520394ef027ff1729c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Aug 2023 07:14:27 GMT
server
unknown
etag
"3c95b6bd771b712cedde0a6e29003cea"
x-cache-status
R-HIT
content-type
image/jpeg
access-control-allow-origin
*
x-cache-source
Origin
cache-control
max-age=1209600
x-real-source
-
accept-ranges
bytes
content-length
23401
expires
Sat, 02 Sep 2023 02:57:51 GMT
b2b4e7508fd02c06c7e52cf6d77e45c4_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame E8B1 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1b/b2b4e7508fd02c06c7e52cf6d77e45c4_glamour_460x345.jpg?cno=a7bc
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
98ecccbdd36a736af56f5539c38b35d384afbe66dff5ce7a4d0e9de712cb4014
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 00:17:15 GMT
server
unknown
etag
"5cbd67df9727331afeda53e6618639b9"
x-cache-status
R-HIT
content-type
image/jpeg
access-control-allow-origin
*
x-cache-source
Origin
cache-control
max-age=1209600
x-real-source
-
accept-ranges
bytes
content-length
28961
expires
Sat, 02 Sep 2023 02:57:51 GMT
028d8065a37ed2dea59b1f229400b740_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/ Frame E8B1 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f10/028d8065a37ed2dea59b1f229400b740_glamour_460x345.jpg?cno=4a09
Requested by
Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
07c14037076c4c2cceaf2a223d4399586a9d583899b2eb65f0fcf4933a2ed6d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cdn-node
defra
date
Sat, 19 Aug 2023 02:57:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 Aug 2023 17:49:04 GMT
server
unknown
etag
"0e3cc2c746f5d9c1d7b5a2bf7adc8ce6"
x-cache-status
R-HIT
content-type
image/jpeg
access-control-allow-origin
*
x-cache-source
Origin
cache-control
max-age=1209600
x-real-source
-
accept-ranges
bytes
content-length
21777
expires
Sat, 02 Sep 2023 02:57:51 GMT
analytics.js
www.google-analytics.com/ Frame E8B1 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Aug 2023 01:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4088
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 19 Aug 2023 03:49:43 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
date
Fri, 18 Aug 2023 06:03:04 GMT
x-amz-cf-pop
FRA2-C1
age
75448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zKgD0wpxeR7of77NkMfoI4wEU6XfpMk-2jhs52LzUMk4nys2kFMfow==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 01:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4498
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 18 Aug 2024 01:42:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		28 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibb.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1c7a23390293d0ffeed4e1affd2ddae7eb2a2548fb76a8fd884d84e547e0464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
expires
Sat, 19 Aug 2023 02:57:51 GMT
js
www.googletagmanager.com/gtag/ Frame E8B1 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baa1209bdecd614671890367dbe02cbd562fc2ae3433e6963b0f6edc60345e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80143
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 19 Aug 2023 02:57:51 GMT
moz.gif
pt.protoawe.com/VOE9y/ Frame E8B1 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.protoawe.com/VOE9y/moz.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
unknown
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
43
expires
Sat, 19 Aug 2023 02:57:50 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:25:20 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
9151
x-cache
Hit from cloudfront
access-control-allow-origin
https://ibb.co
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
3u0LHV2Aknyb5H9hqq_IEHu5ugtQl3PqdrdvBthdwD0ANhHfzlgeIQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230819
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ibb.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39422
x-jsd-version
1.0.1785
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1676-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-dTSWbFcYmn4sfMuzzQwuxMTgBzo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ohk%2FBKT7Sdi08ys1c6XWc4G1Ug%2F8UV%2FlSe8clce5z1a07upp0ueo2oteOvGjq%2B6ncNUZwkRu8ZDDiUxkw7mNo7%2BjxdrYGho8ZJ52uz46x2Nj8zlnDcwKy7ZTC2L0dNa4BzORKboR2qbTxKAdFkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f8f21ab2ce030d8-FRA
1679645040.png
assets.vlitag.com/widget/2023/03/24/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
cf-cache-status
HIT
age
68164
cf-polished
origFmt=png, origSize=323185
content-disposition
inline; filename="1679645040.webp"
alt-svc
h3=":443"; ma=86400
content-length
100856
cf-bgj
imgq:85,h2pri
last-modified
Fri, 24 Mar 2023 08:04:00 GMT
server
cloudflare
etag
"641d5970-4ee71"
vary
Accept
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
7f8f21ab0ff45c2c-FRA
expires
Fri, 18 Aug 2023 08:31:47 GMT
videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C160%2C2...
  • https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C1...
161 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f3t4TF7zrxaSUKzYzMPHyz7CCKJP-tUKllJj7A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EVNJwbO1l23X5dXeQBcVwyEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&beids=24350018&c=WEB&txp=6216224&n=KEzgwYlDK9Tfwm8QY2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJKvIjT1aeyK4KH-FJD1Em9YLZnyJ_JD6c_BCHI8gjJnAiA9WmQbl3XeQaqf9rl4BM5ljbfI_i63aXpzHaMJMxQ07g%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::3&mm=31&mn=sn-4g5edndk&ms=au&mt=1692413592&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMjEM6KGX0rIWYU0e2LCYg600ymLkTAc53zzYr2KAx97AiBcM2-flU8hQ9PwOk2DoQHCgIuWM3yrU6yUTx-g3EK5zw%3D%3D
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Server
2a00:1450:4001:23::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

client-protocol
quic
date
Sat, 19 Aug 2023 02:57:52 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
last-modified
Sat, 03 Jun 2023 08:32:09 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-33307028/33307029
cache-control
private, max-age=21281
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
33307029
expires
Sat, 19 Aug 2023 02:57:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Aug 2023 02:57:52 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1692435453&ei=nS_gZIjkGoXP8wSJ5avYBA&ip=184.164.141.146&id=o-AGh_aMzZ5eq86ZoA4iHcqIJU_haYFGHwAZ0LZE213ob0&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f3t4TF7zrxaSUKzYzMPHyz7CCKJP-tUKllJj7A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=EVNJwbO1l23X5dXeQBcVwyEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363391&beids=24350018&c=WEB&txp=6216224&n=KEzgwYlDK9Tfwm8QY2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJKvIjT1aeyK4KH-FJD1Em9YLZnyJ_JD6c_BCHI8gjJnAiA9WmQbl3XeQaqf9rl4BM5ljbfI_i63aXpzHaMJMxQ07g%3D%3D&cms_redirect=yes&mh=d6&mip=2001:1b60:2:240:3247::3&mm=31&mn=sn-4g5edndk&ms=au&mt=1692413592&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMjEM6KGX0rIWYU0e2LCYg600ymLkTAc53zzYr2KAx97AiBcM2-flU8hQ9PwOk2DoQHCgIuWM3yrU6yUTx-g3EK5zw%3D%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame E8B1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.init_consent&eid=-1&ut=AABA&h=Ag&dl=pt.protoawe.com%2Fcifra&tdp=G-H7LMNP6Q9N;82340267;1;2;0&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ Frame E8B1 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.init_consent&eid=-1&ut=AABA&h=Ag&dl=pt.protoawe.com%2Fcifra&tdp=G-H7LMNP6Q9N;82340267;1;2;0&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Aug 2023 02:57:51 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame E8B1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.init&eid=0&ut=AABA&h=Ag&tr=1ogtcookiesettings.1ogtsessiontimeout.1ogt1pdatav2.1setproductsettings.1ogtgooglesignals.1ogteventedit.1ogteventedit.1ogteventedit.1ogteventedit.1ccdconversionmarking.1ccdempageview.1ccdgaregscope&ti=2ogtcookiesettings.2ogtsessiontimeout.2ogt1pdatav2.2setproductsettings.2ogtgooglesignals.2ogteventedit.2ogteventedit.2ogteventedit.2ogteventedit.2ccdconversionmarking.2ccdempageview.2ccdgaregscope&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame E8B1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.js&eid=1&ut=AABA&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame E8B1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.dom&eid=3&ut=AABA&h=Ag&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame E8B1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-H7LMNP6Q9N&v=3&t=t&pid=199563078&cv=3&rv=38g0&tc=13&es=1&e=gtm.load&eid=4&ut=AABA&h=Ag&z=0
Requested by
Host: ibb.co
URL: https://ibb.co/b3qmNfr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pt.protoawe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
push-event-counter
c.usefulcontentsites.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibb.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 02:57:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid
2f14bbb8-83fa-4df6-9e46-51bc1ad6ea9f
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQVdmYymRtI1fsH0FH5NzesD7kaOLK6KFaihbOpTNMp1O7vWOpiO%2BiaKebnEYWIyo1RJp1pTUpWPHU5Y%2BdV%2FuMiSC3y9CA7LFCPN86ykBXWQhD%2BC%2BX3P6p9iHjcAmmhOgdD8grA1D3uiHs6Pa6GV2ux5x8odX9c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://ibb.co
content-type
image/gif
cf-ray
7f8f21b66a2c4dcd-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| devices function| window_to_device function| jQueryLoaded object| readyQ object| bindReadyQ function| jQuery function| $ object| vitag object| divLoading object| panelThumbs object| panelThumbList function| image_viewer_full_fix function| is_browser function| get_browser function| get_browser_version function| get_browser_os object| BrowserDetect object| html5 object| Modernizr function| is_chrome function| is_ie function| is_firefox function| is_safari function| is_opera function| is_windows function| is_osx function| is_ios function| is_linux function| Hammer object| PF number| width function| sprintf function| testPassword function| ibb function| changeEmbed function| changeLanguage function| setCookie function| getCookie function| EvEmitter function| imagesLoaded function| loadImage function| Spinner function| ClipboardJS object| CHV object| _NotificationPermissionCallbacks object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag function| getEidsByVLI object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| observeElementInViewport object| apscustom undefined| google_measure_js_timing

5 Cookies

Domain/Path Name / Value
pt.protoawe.com/ Name: psui
Value: ce7c3f51cf076f9f8a8d3334da759f0d
.mgid.com/ Name: __cf_bm
Value: tx8ItcOfUAYA9mM7PHhcAcU2qZP0Qiu9uLjGGG1ponY-1692413871-0-AR7wL2X59gx2GRrssMLuz59K2WldGK4PQx3YT80izDaqHqhKhN845t8zpP7C3SuTI9OZ3V7NwQa6WEaf1MmhvbI=
ibb.co/ Name: __ppIdCC
Value: ivv_xo210.64138715..
ibb.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ibb.co/ Name: sharedid
Value: c2d10ba5-2c29-4f30-9b3e-95200c5ca05c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.vlitag.com
c.amazon-adsystem.com
c.usefulcontentsites.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cm.mgid.com
fonts.googleapis.com
fonts.gstatic.com
galleryn0.vcmdiawe.com
galleryn1.vcmdiawe.com
i.ibb.co
ibb.co
imasdk.googleapis.com
media.vlitag.com
pt-static2.awepsljan.com
pt-static3.awepsljan.com
pt-static4.awepsljan.com
pt-static5.awepsljan.com
pt.protoawe.com
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
www.google-analytics.com
www.googletagmanager.com
13.224.192.181
162.19.58.156
213.174.132.224
2606:4700:10::6816:3bc7
2606:4700:1::6813:864e
2606:4700:3032::ac43:83fb
2606:4700::6810:5714
2a00:1450:4001:23::a
2a00:1450:4001:801::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a06:98c1:3120::3
93.93.51.190
93.93.51.191
93.93.51.200
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c14037076c4c2cceaf2a223d4399586a9d583899b2eb65f0fcf4933a2ed6d4
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1c415650a2aa6f716a4ec6438530c949a1486ed3e628dbdcc296893f2eac6e9a
389db2b2d7942f809a3ba9bd78e5142b2904cbce7e246520394ef027ff1729c1
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0
3c0c1360e75572f93c53127c4d4a3a5969db23f0c93e4c66d949a41b5b6a79cf
406982b8ecdd220a552875f3e7c224f577034e04d5d4e4da90ca5e4fed066e06
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
6506c4d2f51b0f1a42b9b00101c740d30dfc84d7b0f4f661547636d734b0360f
6637e59147dcc379f85d6d0b432c2d4e431e314ae5a642bb7c7ae6c9c8ff81b2
695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
79ec0b11288716fa808e7c034abeee7b94bf61954a75ce917737196c6f3cd91e
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
9364d2da9aefdcaf32cf910df66e1a750895ac91bdc57f30940b19113c5c3b08
9533bd889192d7eb328aa4793fa850855dbb802000059fdd1f1990fb1f5c37a0
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
98ecccbdd36a736af56f5539c38b35d384afbe66dff5ce7a4d0e9de712cb4014
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a98bbedfe137634d13583cfe8f3c45c2619a3b000e5040a2d278e34113a7e718
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294
baa1209bdecd614671890367dbe02cbd562fc2ae3433e6963b0f6edc60345e8c
c1c7a23390293d0ffeed4e1affd2ddae7eb2a2548fb76a8fd884d84e547e0464
c36a51a5e9c6c36af802c675fcec1d27366ebfa39cb46ca60c0bf2c37cb42202
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c64230421367c3d4edb6b2f504e434520eeb1a5df3d9c1b8f79e9a9012e96e84
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8f4a00c389b04bb7046625b4852b7f307f85f3c703ca06b9ebf572bdf5b7c4
dfab3ba542048240c70d2e8603c4b7b81711e0fedb2d7a84b70ae217c5dd438c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24