xskosa8152.bibosavings.com Open in urlscan Pro
13.67.181.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xskosa8152.bibosavings.com/
Submission: On October 14 via api (October 14th 2024, 10:15:18 am UTC) from JP — Scanned from JP

Summary HTTP 168 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 168 HTTP transactions. The main IP is 13.67.181.109, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is xskosa8152.bibosavings.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 28th 2024. Valid for: a year.

This is the only time xskosa8152.bibosavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
127	13.67.181.109 13.67.181.109	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	142.250.196.100 142.250.196.100	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::200a	15169 (GOOGLE) (GOOGLE)
6 13	104.18.30.234 104.18.30.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:818::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:828::200a	15169 (GOOGLE) (GOOGLE)
1	13.35.49.11 13.35.49.11	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:95d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.92.148.8 52.92.148.8	16509 (AMAZON-02) (AMAZON-02)
1	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
8	142.251.42.131 142.251.42.131	15169 (GOOGLE) (GOOGLE)
2 2	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
2	3.163.125.61 3.163.125.61	16509 (AMAZON-02) (AMAZON-02)
1	172.217.175.3 172.217.175.3	15169 (GOOGLE) (GOOGLE)
1	3.165.39.82 3.165.39.82	16509 (AMAZON-02) (AMAZON-02)
1	65.9.37.128 65.9.37.128	16509 (AMAZON-02) (AMAZON-02)
1	99.84.55.74 99.84.55.74	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.78 54.144.144.78	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.191.123 172.67.191.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
168	21

127 13.67.181.109 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

xskosa8152.bibosavings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.196.100 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.30.234 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::200e (Australia)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.49.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-11.nrt20.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:95d (United States)

ASN13335 (CLOUDFLARENET, US)

w2.countingdownto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.92.148.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.42.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200e (Australia) 2 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.163.125.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-125-61.lax54.r.cloudfront.net

quickforms.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.175.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.165.39.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-39-82.nrt12.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.37.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-37-128.nrt12.r.cloudfront.net

d2fuc4clr7gvcn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.55.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-55-74.nrt20.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-78.compute-1.amazonaws.com

track.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.191.123 (United States)

ASN13335 (CLOUDFLARENET, US)

flagsapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	bibosavings.com xskosa8152.bibosavings.com	12 MB
13	termly.io 6 redirects app.termly.io — Cisco Umbrella Rank: 14616	177 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	370 KB
4	youtube.com 2 redirects youtube.com — Cisco Umbrella Rank: 51 www.youtube.com — Cisco Umbrella Rank: 77	2 KB
4	amazonaws.com s3-us-west-2.amazonaws.com	2 MB
3	countingdownto.com w2.countingdownto.com — Cisco Umbrella Rank: 201033
2	formstack.com quickforms.formstack.com
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	33 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 translate.google.com — Cisco Umbrella Rank: 1139	32 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	82 KB
1	flagsapi.com flagsapi.com — Cisco Umbrella Rank: 183326	988 B
1	gaug.es track.gaug.es — Cisco Umbrella Rank: 313097	389 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3185	232 B
1	cloudfront.net d2fuc4clr7gvcn.cloudfront.net	2 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8556	80 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	33 KB
168	17

	Domain	Requested by
127	xskosa8152.bibosavings.com	xskosa8152.bibosavings.com ajax.googleapis.com
13	app.termly.io	6 redirects xskosa8152.bibosavings.com
8	fonts.gstatic.com	fonts.googleapis.com
4	s3-us-west-2.amazonaws.com	xskosa8152.bibosavings.com
3	w2.countingdownto.com	xskosa8152.bibosavings.com
2	quickforms.formstack.com	xskosa8152.bibosavings.com
2	www.youtube.com	xskosa8152.bibosavings.com
2	youtube.com	2 redirects
2	cdnjs.cloudflare.com	xskosa8152.bibosavings.com cdnjs.cloudflare.com
1	flagsapi.com	xskosa8152.bibosavings.com
1	track.gaug.es	xskosa8152.bibosavings.com
1	vc.hotjar.io	script.hotjar.com
1	d2fuc4clr7gvcn.cloudfront.net	xskosa8152.bibosavings.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	i.imgur.com	xskosa8152.bibosavings.com
1	static.hotjar.com	xskosa8152.bibosavings.com
1	fonts.googleapis.com	xskosa8152.bibosavings.com
1	translate.google.com	xskosa8152.bibosavings.com
1	ajax.googleapis.com	xskosa8152.bibosavings.com
1	www.google.com	xskosa8152.bibosavings.com
1	code.jquery.com	xskosa8152.bibosavings.com
168	22

This site contains links to these domains. Also see Links.

Domain
quickforms.formstack.com

Subject Issuer	Validity	Valid
*.bibosavings.com RapidSSL TLS RSA CA G1	`2024-05-28` - `2025-05-27`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-06-28`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
countingdownto.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-09-14` - `2025-08-29`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.formstack.com Amazon RSA 2048 M02	`2024-02-18` - `2025-03-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2024-03-03` - `2025-04-03`	a year	crt.sh
flagsapi.com WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://xskosa8152.bibosavings.com/
Frame ID: A092E2089DE10DEF8A25E2EE30ED17A5
Requests: 155 HTTP requests in this frame

Frame: https://w2.countingdownto.com/5756610
Frame ID: A48BBE0560608681B0F0940875637958
Requests: 1 HTTP requests in this frame

Frame: https://w2.countingdownto.com/5756617
Frame ID: 61B86A98CB9B6634FAF7B55BA1A4C015
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0
Frame ID: 46B6884B83C117E7EE2BD1ABFA8E8BD0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0
Frame ID: 9AFB2A352D4CA5EDFEDE15461EE770B8
Requests: 1 HTTP requests in this frame

Frame: https://w2.countingdownto.com/5790327
Frame ID: 6C08E8D280A2BC084E78F2EF8EA86FBC
Requests: 1 HTTP requests in this frame

Frame: https://quickforms.formstack.com/forms/contact&company=bibo
Frame ID: C28BC4FE395A2EC1B40EAF40697AE4B3
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760
Frame ID: 4CE198C2C5A5B8C5F79223557BF8D992
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780
Frame ID: 0E4F20C2B59051F42898B6DCB35E7BE2
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780
Frame ID: 9C372D95E1A444BD206BE78BE438D0D6
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=88b38497-4e5e-4fc1-9127-10fea32d552b
Frame ID: 8FC9D50CD3AC18E113D92105D93A907E
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760
Frame ID: EAA5036A86C348F2F7CCEF6572EDDEAF
Requests: 1 HTTP requests in this frame

Frame: https://app.termly.io/policy-viewer/policy.html?policyUUID=8dd34398-2d96-4596-9ec0-d6a79abc2883
Frame ID: E129195D4361ADBF4883D37F30D24BBA
Requests: 1 HTTP requests in this frame

Frame: https://quickforms.formstack.com/forms/contact&company=bibo
Frame ID: 63E9486EF82DF2AE8B5BC74FA1507C41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

168
Requests

100 %
HTTPS

32 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

15109 kB
Transfer

17643 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://quickforms.formstack.com/forms/btcinbtcout
Title: 1ST REGISTER HERE - THEN SEND EVERYONE YOU KNOW HERE - GIVE THEM YOUR NAME AND EMAIL - YOU WILL GET THE CREDIT AND EARN MORE BITCOIN THAN YOU EVER IMAGINE!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 141

https://youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0 HTTP 301
https://www.youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0

Request Chain 142

https://youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0 HTTP 301
https://www.youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0

Request Chain 152

https://app.termly.io/document/terms-of-service/2113cb24-ba0c-4d6d-a73f-8a26620d6760 HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

Request Chain 153

https://app.termly.io/document/privacy-policy/995709d8-2d76-47f0-979f-7ccae7462780 HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

Request Chain 154

https://app.termly.io/document/privacy-policy/995709d8-2d76-47f0-979f-7ccae7462780 HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

Request Chain 155

https://app.termly.io/document/cookie-policy/88b38497-4e5e-4fc1-9127-10fea32d552b HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=88b38497-4e5e-4fc1-9127-10fea32d552b

Request Chain 156

https://app.termly.io/document/terms-of-service/2113cb24-ba0c-4d6d-a73f-8a26620d6760 HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

Request Chain 157

https://app.termly.io/document/disclaimer/8dd34398-2d96-4596-9ec0-d6a79abc2883 HTTP 301
https://app.termly.io/policy-viewer/policy.html?policyUUID=8dd34398-2d96-4596-9ec0-d6a79abc2883

168 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xskosa8152.bibosavings.com/ 347 KB
92 KB 1280ms
1013ms Document
text/html 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9bc33b33374f93377758c2268a4d8a515d558da2f51808989856a931b21c098f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:08 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 jquery-ui-1.9.2.custom.css
xskosa8152.bibosavings.com/shipping/ 32 KB
6 KB 258ms
254ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/shipping/jquery-ui-1.9.2.custom.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 68a76c86c9f9bad498c81268ed0b6f11c7700a227a280e690cf64c1e350bed0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "04f9eec596fd81:0"
accept-ranges: bytes
content-length: 6203
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 10:35:02 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery-1.8.3.js Show response
xskosa8152.bibosavings.com/shipping/ 269 KB
78 KB 395ms
390ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/shipping/jquery-1.8.3.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b6223c1e647e59da86a937c846f274c4bb55d3547fa59de070c1d9d444ca8d90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "04f9eec596fd81:0"
accept-ranges: bytes
content-length: 79962
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:35:02 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
xskosa8152.bibosavings.com/shipping/ 232 KB
61 KB 525ms
521ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/shipping/jquery-ui-1.9.2.custom.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c989637573e679c547a2a1fef1c768a4ddc95187d0c3ec479f355d94e50af6fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "04f9eec596fd81:0"
accept-ranges: bytes
content-length: 62451
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:35:02 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Site.css
xskosa8152.bibosavings.com/shipping/ 24 KB
3 KB 258ms
254ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/shipping/Site.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 35cb005e75081011cf1f0bf2a81f5e06c254c55cd8cd7e938ea0ef0b1e533210

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "04f9eec596fd81:0"
accept-ranges: bytes
content-length: 2783
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 10:35:02 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bootstrap.min.css
xskosa8152.bibosavings.com/assets/css/ 152 KB
22 KB 390ms
386ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/bootstrap.min.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 69765878d940dc2cd7516eae3c352079626dc3c5986591294dc5e59bd9610388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 22782
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 all-fontawesome.min.css
xskosa8152.bibosavings.com/assets/css/ 170 KB
33 KB 392ms
389ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70496a3839817a861767b251f101c3e4a8426ed4252f3399c68d4216085205c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 33550
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 18ms
9ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 362360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddjF5c7HO%2Fz%2FqUy9eNutLftROGKzYyxjetT%2FhqkwCoyOjXo7w2umdyvXC2cGvfWnPfWSMVpjxvOTTTW0%2FwmkAc03%2BQXTSserBykSK4L839tk0N1oJfGK6%2Fp7PrZZG9aZS%2B05y9T6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 10:15:08 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d26ce761d25d76c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 flaticon.css
xskosa8152.bibosavings.com/assets/css/ 3 KB
684 B 395ms
392ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/flaticon.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aac2f64ab635d3ade192d4b135500b9609501f45773fe4e7774955892308dd2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 642
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 animate.min.css
xskosa8152.bibosavings.com/assets/css/ 70 KB
5 KB 525ms
522ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/animate.min.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a61e123314188bd0453320008e01b4bbb665bee09039f4cbd9bef44de410ce67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 5123
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 magnific-popup.min.css
xskosa8152.bibosavings.com/assets/css/ 5 KB
2 KB 526ms
523ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/magnific-popup.min.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 1573
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 owl.carousel.min.css
xskosa8152.bibosavings.com/assets/css/ 3 KB
1 KB 526ms
523ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/owl.carousel.min.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16eb16e4a08c5f7b7d45cd1029d493c1dc79d67bd11d6255c9664696d5e36fb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 1064
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 style.css
xskosa8152.bibosavings.com/assets/css/ 133 KB
21 KB 526ms
524ms Stylesheet
text/css 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1bf29d8202d94238cb1946787e41653a35139dd8308c001fe23b0c9eeab54c6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "80c954cd39fdb1:0"
accept-ranges: bytes
content-length: 21140
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 10:58:07 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 10ms
1ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-176d5"
age: 5198862
x-cache: HIT, HIT
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 121, 304655
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21975-LGA, cache-tyo11932-TYO
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1728900908.492219,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33261
server: nginx

GET
H2 200 bibosavings.png
xskosa8152.bibosavings.com/assets/img/logo/ 46 KB
46 KB 526ms
524ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/logo/bibosavings.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b033b8d01e0572b874ad7a1c8874bd5dfd71f754fffea8c70e674792c540d38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "e9ddb47b59fada1:0"
accept-ranges: bytes
content-length: 46748
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 banner-1.jpg
xskosa8152.bibosavings.com/Content/images/ 139 KB
139 KB 527ms
525ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/banner-1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82eddc544822207b4606f13005e94c67c6de2f498c380a133f422e747a4fdf30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "148cd211c1db1:0"
accept-ranges: bytes
content-length: 142116
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Sat, 07 Sep 2024 11:50:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 banner-2.jpg
xskosa8152.bibosavings.com/Content/images/ 850 KB
850 KB 142ms
142ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/banner-2.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2c90517888161a34b4ecf7da79dc83fff4510933cbc4656cd9dca8d8f676935d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6aaacf211c1db1:0"
accept-ranges: bytes
content-length: 870119
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Sat, 07 Sep 2024 11:50:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 banner-3.jpg
xskosa8152.bibosavings.com/Content/images/ 592 KB
593 KB 487ms
457ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/banner-3.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1a159fe274130b2f3b5a3aa6c65ff30a977fbf1e67e650b3321837112a413980

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6aaacf211c1db1:0"
accept-ranges: bytes
content-length: 606649
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Sat, 07 Sep 2024 11:50:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 banner-4.jpg
xskosa8152.bibosavings.com/Content/images/ 716 KB
717 KB 490ms
461ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/banner-4.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8ef32313986322fb5f4d9c7a0a1cc20f9c1c7fd0ca87258ad473ee97701022b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6aaacf211c1db1:0"
accept-ranges: bytes
content-length: 733616
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Sat, 07 Sep 2024 11:50:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Shopping_1.jpg
xskosa8152.bibosavings.com/Content/images/ 211 KB
211 KB 619ms
594ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/Shopping_1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b6a9772319b76bfb10257498bcc6dd051af414e71bedf787c12f1a369217f83b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "f1725c12c3ddb1:0"
accept-ranges: bytes
content-length: 216029
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 23 Sep 2024 14:15:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 404 banner-5.jpg
xskosa8152.bibosavings.com/Content/images/ 1 KB
1 KB 621ms
596ms Image
text/html 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/banner-5.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 23773caee40e4e2264e01c8124be0fbe289c6a7cea00dec8c3dfe404f3a1f281

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

cache-control: private
x-aspnet-version: 4.0.30319
content-length: 16636
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: text/html; charset=utf-8
x-powered-by: ASP.NET
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0

GET
H2 200 icon7.png
xskosa8152.bibosavings.com/assets/img/ 5 KB
5 KB 620ms
597ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon7.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e624454583f6136a553058fa39aa381a0be2a4da4fe60835814d6ac8fc4d2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "7ff06cf27d4db1:0"
accept-ranges: bytes
content-length: 4643
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon8.png
xskosa8152.bibosavings.com/assets/img/ 4 KB
4 KB 620ms
597ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon8.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 863af78e1a624989449da9d8af711097e68b66f2a4ce28b2ee2b6c7357646615

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "46546cf27d4db1:0"
accept-ranges: bytes
content-length: 3895
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon9.png
xskosa8152.bibosavings.com/assets/img/ 6 KB
6 KB 621ms
597ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon9.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16c0eb84461f5dbdbe9110a4827f7ea09bc768dcfc4dffd1cdda4167121118c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "2466cf27d4db1:0"
accept-ranges: bytes
content-length: 6032
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon10.png
xskosa8152.bibosavings.com/assets/img/ 7 KB
7 KB 621ms
598ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon10.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 83163c5378089574169aa629b56acfcdd3d76919778935c2d4d55bd220f57127

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "499e6ef27d4db1:0"
accept-ranges: bytes
content-length: 6694
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon11.png
xskosa8152.bibosavings.com/assets/img/ 6 KB
6 KB 621ms
598ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon11.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e39fc6581d1157b1f25b4500777aed78ff234475fdc04b6f3c66b0df4262d53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6f7f6af27d4db1:0"
accept-ranges: bytes
content-length: 6547
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon12.png
xskosa8152.bibosavings.com/assets/img/ 6 KB
6 KB 621ms
598ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon12.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ed1f65f1cd0a7cba881d2909a3ef917c92f894d27f6b58ef5d661848d9e33205

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "59a26cf27d4db1:0"
accept-ranges: bytes
content-length: 6332
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 11 Sep 2024 19:08:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-1.png
xskosa8152.bibosavings.com/assets/img/ 7 KB
7 KB 621ms
598ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-1.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 521b99127871b7adf5700061c740de965058b59873b8e20c0e8aaa554c6242c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "cbc0937b59fada1:0"
accept-ranges: bytes
content-length: 6708
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-2.png
xskosa8152.bibosavings.com/assets/img/ 3 KB
3 KB 621ms
598ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-2.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e805be8df3025d1a73b88bb600b0e37e1d2c1854be6fde2649bd5ffa9324dfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "507eb37b59fada1:0"
accept-ranges: bytes
content-length: 3508
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-3.png
xskosa8152.bibosavings.com/assets/img/ 6 KB
6 KB 621ms
599ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-3.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ec9e3d01c33b6d7165639151a607b134c0447dff22579415d7816fd0dadcb54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6a20957b59fada1:0"
accept-ranges: bytes
content-length: 5886
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-4.png
xskosa8152.bibosavings.com/assets/img/ 15 KB
15 KB 621ms
599ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-4.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f75c46c420cfcff5b618fbfaf632ea4148e8b4e9aea00c03af19ab54c4e90625

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "1d9b37b59fada1:0"
accept-ranges: bytes
content-length: 15612
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-5.png
xskosa8152.bibosavings.com/assets/img/ 6 KB
6 KB 621ms
599ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-5.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6acd2c55c81597e4e19d39660880795d522216540809120417503cf354189de1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "1d9b37b59fada1:0"
accept-ranges: bytes
content-length: 5966
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bibo-6.png
xskosa8152.bibosavings.com/assets/img/ 14 KB
14 KB 621ms
600ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/bibo-6.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91a259ae724877192d0fe3bef2aa53a436fa68cec7f3d8a0a3221ce7efbbb518

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "1d9b37b59fada1:0"
accept-ranges: bytes
content-length: 14710
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GetStartedNowStep1.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 621ms
600ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStartedNowStep1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54bbb98001c618adf4d9b0e9eb53a75bd6860709042a4f3efa09b881bbad93ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "e7b7b6f9cbdb1:0"
accept-ranges: bytes
content-length: 1828
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GetStartedNowStep2.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 621ms
600ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStartedNowStep2.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff54da28d6794824e68069ef9de644b1e1d01d29520ad531c1c20c20959790e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "fc7ab7f9cbdb1:0"
accept-ranges: bytes
content-length: 1849
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GetStartedNowStep3.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 622ms
601ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStartedNowStep3.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 141817e31e4281ccdb0a8be5dddd74eafcf3e55bcd2afa57e6f7b1ff28572db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "bbdeb6f9cbdb1:0"
accept-ranges: bytes
content-length: 1850
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GetStartedNowStep4.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 622ms
601ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStartedNowStep4.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b32683f072f9e63ca6a004578a218470580ffb06b913a9f0f48d0652fc29fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "41a6b5f9cbdb1:0"
accept-ranges: bytes
content-length: 1823
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ShopNow-1.png
xskosa8152.bibosavings.com/assets/img/ 91 KB
91 KB 622ms
602ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/ShopNow-1.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89bfb09e667f48e096b7b3b3c133fd631a8cd35a56a74110e802908a35c4ee89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "41b79052a3adb1:0"
accept-ranges: bytes
content-length: 93282
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ShopNow-2.png
xskosa8152.bibosavings.com/assets/img/ 25 KB
25 KB 623ms
602ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/ShopNow-2.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f9453aebbf2d72533aaf2a95cda2a9de9a1192be5317a78d99c2c106eced0b46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6559152a3adb1:0"
accept-ranges: bytes
content-length: 25644
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ShopNow-3.png
xskosa8152.bibosavings.com/assets/img/ 23 KB
23 KB 623ms
603ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/ShopNow-3.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5e6a33e38673075a98b17035c64442f11ea344553bea8b4c2cecda2da03c13c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "809d9352a3adb1:0"
accept-ranges: bytes
content-length: 23792
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ShopNow-4.png
xskosa8152.bibosavings.com/assets/img/ 24 KB
24 KB 880ms
860ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/ShopNow-4.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1660558b6aeb5400d8376410238afd32d489184f2ea4109a4fbe76cd2dde3d91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "2a19352a3adb1:0"
accept-ranges: bytes
content-length: 24402
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo3.png
xskosa8152.bibosavings.com/assets/img/logo/ 7 KB
8 KB 880ms
860ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/logo/logo3.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e2bfb4c23e2174e1d8b296747e28de9acc0724325f7f34bee3ca5e9dfb47202

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "b091e286a7adb1:0"
accept-ranges: bytes
content-length: 7663
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 15:20:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo4.png
xskosa8152.bibosavings.com/assets/img/logo/ 9 KB
9 KB 879ms
859ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/logo/logo4.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5fc227887ffdcf0ab45ef170583c17acb0f8a2a38ad11bd2e38ab0e15959dfc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "61de286a7adb1:0"
accept-ranges: bytes
content-length: 8864
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 15:20:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo5.png
xskosa8152.bibosavings.com/assets/img/logo/ 7 KB
7 KB 879ms
859ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/logo/logo5.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: acc6a5cabf1139a96a5a215c664e49c657c90cabe62e32bede18a00b8f0a1180

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "d0b8e286a7adb1:0"
accept-ranges: bytes
content-length: 6911
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 15:20:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo6.png
xskosa8152.bibosavings.com/assets/img/logo/ 35 KB
35 KB 879ms
860ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/logo/logo6.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9ed23c503594526e4e0bd4beab7e4c81b91c7742ae1777e2638ea43de92536b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "4acae386a7adb1:0"
accept-ranges: bytes
content-length: 36113
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 15:20:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 shutterstock_1017962767.jpg
xskosa8152.bibosavings.com/assets/img/ 4 MB
4 MB 884ms
865ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/shutterstock_1017962767.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d276d3e3cd7cfff35ac59cb0a59e1eed2c6411c5f03ddc3f8bb45055489f7295

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "c229a552a3adb1:0"
accept-ranges: bytes
content-length: 3761971
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ChangpengZhao.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 5 KB
5 KB 887ms
869ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/ChangpengZhao.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a04c190af52fe1e444b313aa731036017303cc46c459cbfec341c6f5aec89141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "d1609452a3adb1:0"
accept-ranges: bytes
content-length: 5273
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 stack-removebg-preview.png
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 14 KB
14 KB 888ms
869ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/stack-removebg-preview.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c1bcf59bd7203b174ea22be17b496e83e2f816c2b7aecc12f879ecde2a2c13fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "9acd9852a3adb1:0"
accept-ranges: bytes
content-length: 13970
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ChristopherJaszczynski.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 7 KB
7 KB 891ms
873ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/ChristopherJaszczynski.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 352ed9aa669bb3aea7d6a1a28558dde46c9b5a370d9ccc65c14c75b52a9a1608

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "66e79552a3adb1:0"
accept-ranges: bytes
content-length: 7597
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GiancarloDevasini.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 4 KB
4 KB 892ms
873ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/GiancarloDevasini.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cf88b7bf05af7253805e4455d9525bb8669ab55400a9d0e814d8d5723f2eaac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "11af9452a3adb1:0"
accept-ranges: bytes
content-length: 3919
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 VitalikButerin.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 6 KB
6 KB 892ms
874ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/VitalikButerin.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f97dbfeb0d09de72225a799274f042609039ff5596559aba2008636b1a0b6d51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "9acd9852a3adb1:0"
accept-ranges: bytes
content-length: 6085
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Camerona-TylerWinklevoss.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 8 KB
8 KB 892ms
874ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/Camerona-TylerWinklevoss.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6986f82a261d49907a9d7c4ecb20865f0845db70488184a98456a7b1e5f1243c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "11af9452a3adb1:0"
accept-ranges: bytes
content-length: 8651
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 MichaelSaylor.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 5 KB
5 KB 892ms
874ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/MichaelSaylor.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f3afbb9803e27f71723f073c4b8f59ba4f6cbfc0073c1da7297948347765f33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "bfaa9652a3adb1:0"
accept-ranges: bytes
content-length: 4836
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 BrianArmstrong.jpg
xskosa8152.bibosavings.com/assets/img/billionaire-section/ 5 KB
5 KB 892ms
874ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/billionaire-section/BrianArmstrong.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ffeccdacffae417f66aadeb3636216ba4010422df7b0fd7ca6d93e80c00dcf8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "68769352a3adb1:0"
accept-ranges: bytes
content-length: 5437
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 PCandDell.png
xskosa8152.bibosavings.com/assets/img/ 87 KB
87 KB 898ms
881ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/PCandDell.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 20b50245688a840c3b0b12c71176309cb1449265b4837e0c47e4bc58bc4e2da7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "eaa58f52a3adb1:0"
accept-ranges: bytes
content-length: 89287
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 cryptowalletcash.png
xskosa8152.bibosavings.com/assets/img/ 225 KB
226 KB 902ms
885ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/cryptowalletcash.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f9562eda832803ac60645d8ca4083db2630b9a9bb1b4aa138e46e1731996858e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "e4d913afa7adb1:0"
accept-ranges: bytes
content-length: 230686
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 15:22:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 cryptoGenerator-removebg-preview.png
xskosa8152.bibosavings.com/assets/img/ 117 KB
118 KB 907ms
890ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/cryptoGenerator-removebg-preview.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a81060ab3b754d9dc15cd950b4f0d6667a37164cfaf7bef2d35a9ab4c28af27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "598b8952a3adb1:0"
accept-ranges: bytes
content-length: 120299
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Join-the-Revolution.jpg
xskosa8152.bibosavings.com/assets/img/ 340 KB
340 KB 909ms
892ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/Join-the-Revolution.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 12c7ce93e578867823ef48632729582b21672919f64133a6fbc8d2a29f290b4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "c7ef9152a3adb1:0"
accept-ranges: bytes
content-length: 347861
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 UnilevelChart.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 15 KB
15 KB 912ms
896ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/UnilevelChart.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb7037dcaeace58b787d78849ba79eb26a265b06f31122e229064b0026c99ede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "8afce88da5adb1:0"
accept-ranges: bytes
content-length: 15475
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 MatrixChart.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 74 KB
74 KB 912ms
896ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/MatrixChart.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5937eda4ab024692e6c6f8486554e9434d9c0b9c3164ac01a6f50a5fc13345d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "fadea8da5adb1:0"
accept-ranges: bytes
content-length: 75599
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 BinaryChart.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 27 KB
28 KB 918ms
902ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/BinaryChart.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cb49e8771cdea5461e0039ecb2b0a30853340db2153c49752e4415b100b45ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "5f7ee38da5adb1:0"
accept-ranges: bytes
content-length: 28132
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CodedBonusChart1.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 26 KB
26 KB 921ms
905ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/CodedBonusChart1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a709ba73494d55e6969214753f110414ce3bac35e3752dda7d38f6fb87c330d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "45efe58da5adb1:0"
accept-ranges: bytes
content-length: 26425
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CodedBonusChart2.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 23 KB
23 KB 921ms
905ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/CodedBonusChart2.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eaeadaf06c4bfd9532d3224945e4d7e31b3ca63e9d64cb12419c9635db2a2cac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "c398e98da5adb1:0"
accept-ranges: bytes
content-length: 23525
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 DailyPayChart.jpg
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 21 KB
21 KB 924ms
909ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/DailyPayChart.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8704d4974b0bfc3b881ac4189424d76437453d20a8e27e51018cd7b33d1ee09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "853e58da5adb1:0"
accept-ranges: bytes
content-length: 21462
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 15:06:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 thumbnail_AdPack_UnilvelChat.png
xskosa8152.bibosavings.com/assets/img/comp-plan-section/ 6 KB
6 KB 924ms
909ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/comp-plan-section/thumbnail_AdPack_UnilvelChat.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 60e2d1b20246e87887928c7cba937ec66432a09fa33127081dc20e03adeeb5d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "a76f3717c4ddb1:0"
accept-ranges: bytes
content-length: 6402
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Mon, 23 Sep 2024 14:22:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 tab.png
xskosa8152.bibosavings.com/assets/img/ 14 KB
14 KB 929ms
914ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/tab.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5e20ca5e78f7da3e735c6c2cbf16043a67ad769d3c9e59de34a33c45b4084b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "507eb37b59fada1:0"
accept-ranges: bytes
content-length: 14192
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 29 Aug 2024 21:21:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 contact-us.png
xskosa8152.bibosavings.com/assets/img/ 111 KB
111 KB 928ms
914ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/contact-us.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 150053ee55e7971e10ca45542c5dff126a3c616d14e1455701e6a2697a4722a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "dd5b8d52a3adb1:0"
accept-ranges: bytes
content-length: 114007
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 14:50:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 comingSoon.jpg
xskosa8152.bibosavings.com/assets/img/coming-soon/ 74 KB
74 KB 931ms
917ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/coming-soon/comingSoon.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7331a713a353c75966f06f7fdfeb944c53405e4192b501e4f69618dca5143089

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "24fc584c7f91d81:0"
accept-ranges: bytes
content-length: 75756
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 icon-white.png
xskosa8152.bibosavings.com/assets/img/choose/ 6 KB
6 KB 941ms
927ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/icon-white.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ce16d142a5916d7775a1cd70d579dafffcddbf6efaad06b32c230ade11bda34a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "7a7675d12992d81:0"
accept-ranges: bytes
content-length: 5746
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 07 Jul 2022 17:48:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_Matrix_image.jpg
xskosa8152.bibosavings.com/assets/img/choose/ 28 KB
28 KB 941ms
928ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_Matrix_image.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a0ed1be10257b5aa8f8e887f3ad2a5be30b8ef5871f8860fd40903cabbf1d750

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "55d183c9e89ad81:0"
accept-ranges: bytes
content-length: 29025
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 18 Jul 2022 20:56:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_Matrix_Chart-updated.png
xskosa8152.bibosavings.com/assets/img/choose/ 5 KB
5 KB 941ms
928ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_Matrix_Chart-updated.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bca6c2eafac2d239607444a1f6f0404b3c155c11520469a3d2e4eae2efaf2f3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "23afd05e2c9cd81:0"
accept-ranges: bytes
content-length: 5405
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 20 Jul 2022 11:32:19 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_DirectCommissions.png
xskosa8152.bibosavings.com/assets/img/choose/ 30 KB
30 KB 942ms
929ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_DirectCommissions.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c5ad5b6b34d24364671e4783efd176a1891bfca04e6cc489b0fee2d81013c5c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "627df55f896d81:0"
accept-ranges: bytes
content-length: 30582
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_DirectCommissions_Amounts.png
xskosa8152.bibosavings.com/assets/img/choose/ 7 KB
7 KB 1013ms
1000ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_DirectCommissions_Amounts.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 22e8c910d255cb8f06e430a1497d7b0b4a1161ad4cbcf33341191d0aa162d1f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "13a4f55f896d81:0"
accept-ranges: bytes
content-length: 6739
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_RetailManagement_Chart.png
xskosa8152.bibosavings.com/assets/img/choose/ 11 KB
11 KB 1012ms
1000ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_RetailManagement_Chart.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: feb14bae57b7560e5496f94941acff47c0278fb2bc0e406c89a03ac7dcddcfc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "731895ae1296d81:0"
accept-ranges: bytes
content-length: 11467
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Tue, 12 Jul 2022 17:13:19 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_Powerline_Image.png
xskosa8152.bibosavings.com/assets/img/choose/ 14 KB
14 KB 1012ms
1000ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_Powerline_Image.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a34bf3bd53c1a474e166d981c9689e674989a47ce1f961689e418b0de9d58d3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "43472aac7e98d81:0"
accept-ranges: bytes
content-length: 14518
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 15 Jul 2022 19:11:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_Powerline_Chart_EarningsperSale.png
xskosa8152.bibosavings.com/assets/img/choose/ 6 KB
6 KB 1015ms
1003ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_Powerline_Chart_EarningsperSale.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e4d404b484884ebdc834f6fe5323b18f0c1585cc3e10b7c5005e584cc142629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "c0d4fa5f896d81:0"
accept-ranges: bytes
content-length: 5653
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_Powerline_Chart.png
xskosa8152.bibosavings.com/assets/img/choose/ 6 KB
6 KB 1015ms
1003ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_Powerline_Chart.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 050503ad350353f99bf39d9e02e8afc2075e0c6f626449704faf3ac96ab2bfe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "bd8af85f896d81:0"
accept-ranges: bytes
content-length: 5747
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_MatchingBonus_Image.png
xskosa8152.bibosavings.com/assets/img/choose/ 289 KB
289 KB 1014ms
1002ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_MatchingBonus_Image.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3c8ad852b0539a0a7a58ff97b0d2bb09944f9babadc2ebd1948d6c70f0a41d34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "bd8af85f896d81:0"
accept-ranges: bytes
content-length: 296014
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_MatchingBonuses-BBC_Chart.png
xskosa8152.bibosavings.com/assets/img/choose/ 26 KB
26 KB 1017ms
1005ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_MatchingBonuses-BBC_Chart.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 028389daee5f67c666ffc12601f5214ad3240655524a5154c30124c375f0e553

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "31c3f95f896d81:0"
accept-ranges: bytes
content-length: 26388
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_MatchingBonuses-ZTA_Image.png
xskosa8152.bibosavings.com/assets/img/choose/ 27 KB
27 KB 1017ms
1006ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_MatchingBonuses-ZTA_Image.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8aa2f389b7a85b20dde4951d73190d5b2bc579ce086d77782f033547755f2bb6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "31c3f95f896d81:0"
accept-ranges: bytes
content-length: 27665
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_FoundersBonus_MaxEarnings.png
xskosa8152.bibosavings.com/assets/img/choose/ 9 KB
9 KB 1017ms
1006ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_FoundersBonus_MaxEarnings.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fcfd777cced05e195fc9e3b1d0c13190f8d77e41212bfa1eab724f926a8cfdce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "25cbf55f896d81:0"
accept-ranges: bytes
content-length: 8785
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_FoundersBonus_Qualification.png
xskosa8152.bibosavings.com/assets/img/choose/ 9 KB
9 KB 1018ms
1007ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_FoundersBonus_Qualification.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 20309123a84ff0f93acab07462b8d16c082fa138ccf31ffe2a758b282c37cae3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "25cbf55f896d81:0"
accept-ranges: bytes
content-length: 8953
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_FoundersBonus_Image.png
xskosa8152.bibosavings.com/assets/img/choose/ 10 KB
10 KB 1018ms
1007ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_FoundersBonus_Image.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8f3574acaf002f47f134879564ef61445d87819b50f330d3786f991494877166

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "25cbf55f896d81:0"
accept-ranges: bytes
content-length: 10348
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Wed, 13 Jul 2022 20:35:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_LeadershipContract.png
xskosa8152.bibosavings.com/assets/img/choose/ 183 KB
183 KB 1018ms
1008ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_LeadershipContract.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b74c5f7d10f2fd831ecc303a65c72e6b242ee658fd40a89f831b6e4896c0e1a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "59f02f11a197d81:0"
accept-ranges: bytes
content-length: 187472
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 14 Jul 2022 16:45:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CompPlan_TravelDollars_Hotel.png
xskosa8152.bibosavings.com/assets/img/choose/ 41 KB
41 KB 1019ms
1008ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/CompPlan_TravelDollars_Hotel.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7572e3ed0de7d9479a3887424801549a66964ada6657e15c6de5d6082379f1f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "5e32c11a197d81:0"
accept-ranges: bytes
content-length: 41982
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Thu, 14 Jul 2022 16:45:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 rosen.jpg
xskosa8152.bibosavings.com/assets/img/choose/ 59 KB
59 KB 1019ms
1009ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/rosen.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 278ca7e89b255379c633f71271939ef9aa063819e4e3244203b5c3e88d9c77de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "1ceaab8c4a95d81:0"
accept-ranges: bytes
content-length: 60406
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 11 Jul 2022 17:20:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ritz.jpg
xskosa8152.bibosavings.com/assets/img/choose/ 58 KB
58 KB 3127ms
3117ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/ritz.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0c0431e5ddacb945058ad5ce125d953f660a7df22548c8b8c111208307e7e6b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "1ceaab8c4a95d81:0"
accept-ranges: bytes
content-length: 59193
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 11 Jul 2022 17:20:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Sofitel.jpg
xskosa8152.bibosavings.com/assets/img/choose/ 64 KB
64 KB 3127ms
3117ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/Sofitel.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c079772873682cb81bf90ada8acb0d58ded9303949434b089da143e179b0a6f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "a54eb48c4a95d81:0"
accept-ranges: bytes
content-length: 65173
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 11 Jul 2022 17:20:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 Kawanda.jpg
xskosa8152.bibosavings.com/assets/img/choose/ 61 KB
61 KB 3127ms
3118ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/choose/Kawanda.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b70348c9ace6191a9bc978cef25305fb297e2fdd4c406f4375b0cd7bdf51261

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "d5f7ae8c4a95d81:0"
accept-ranges: bytes
content-length: 62764
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/jpeg
last-modified: Mon, 11 Jul 2022 17:20:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 folder.svg
xskosa8152.bibosavings.com/assets/img/icon/ 2 KB
2 KB 3251ms
3241ms Image
image/svg+xml 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/icon/folder.svg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c6927472f8d213e3316934cd18b1382208f9d28a1fb2cb7b4425b9669b1bb456

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "f67837c78ae6d91:0"
accept-ranges: bytes
content-length: 2214
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/svg+xml
last-modified: Wed, 13 Sep 2023 21:39:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 CoopMrketing_Chart_Revised_2.0-Large.png
xskosa8152.bibosavings.com/Content/images/ 217 KB
218 KB 3251ms
3242ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/CoopMrketing_Chart_Revised_2.0-Large.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0aff8c1a3b58bbfb2c6a9529a67ff4d00f6db5e570251540eb1087e8dca62e31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "e144982a15f3d91:0"
accept-ranges: bytes
content-length: 222676
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 29 Sep 2023 20:40:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 pastedImage.png
xskosa8152.bibosavings.com/Content/images/ 30 KB
30 KB 3260ms
3251ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/pastedImage.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a180ca47ae95f809d2410b4753eac5ffc45eaf8caa0f5b9723a987e8667bd952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "decf5db13bbda1:0"
accept-ranges: bytes
content-length: 30303
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Mon, 30 Oct 2023 14:16:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-A.png
xskosa8152.bibosavings.com/Content/images/ 79 KB
79 KB 3260ms
3251ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-A.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c45dc3d4bd33273659d24d8920b06c108941b8cbe2fb0147f417f7685fc4427f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "4c951fc0f68da1:0"
accept-ranges: bytes
content-length: 80967
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-B.png
xskosa8152.bibosavings.com/Content/images/ 79 KB
80 KB 3388ms
3379ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-B.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aac9015a03680d99181ea3e1a3b96e805565ca1a54e1326d904cd037ac4beb44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "44241dc0f68da1:0"
accept-ranges: bytes
content-length: 81358
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-1.png
xskosa8152.bibosavings.com/Content/images/ 88 KB
88 KB 3390ms
3382ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-1.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b24171d30d0e1b3787ea7366d2e3206615595ddb3d852e184ca8d4b5fc2cf88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "50da1ac0f68da1:0"
accept-ranges: bytes
content-length: 90064
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-2.png
xskosa8152.bibosavings.com/Content/images/ 86 KB
86 KB 3391ms
3383ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-2.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ed5e38902e04c76f61ecb69cac017313b667c1b51cf5b0fab9d21cc96497ae93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6c5422c0f68da1:0"
accept-ranges: bytes
content-length: 87948
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-3.png
xskosa8152.bibosavings.com/Content/images/ 86 KB
86 KB 3655ms
3587ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-3.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 822ff8079e2f76366c7ef22ba68bc80567e91bc868f20285fd1893d94b24e9c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "924f1bc0f68da1:0"
accept-ranges: bytes
content-length: 88291
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-4.png
xskosa8152.bibosavings.com/Content/images/ 87 KB
87 KB 4456ms
3858ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-4.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28a9148b4dc1e4dfb59f0fa7aadb1aa75678576fd40869fc4dcbe6596a1e9d84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "44241dc0f68da1:0"
accept-ranges: bytes
content-length: 88627
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-5.png
xskosa8152.bibosavings.com/Content/images/ 86 KB
86 KB 4437ms
3970ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-5.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a1dac5db4b8d0aca864034269a0155057b4e0a8e2fa98ca15bedc60f61db5e56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "b97a19c0f68da1:0"
accept-ranges: bytes
content-length: 88407
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-6.png
xskosa8152.bibosavings.com/Content/images/ 86 KB
86 KB 4446ms
3848ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-6.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1917d54b8030dce3d54569b04356d627f9c300daa15b16c655f16c71aeb40ac2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "2efd1cc0f68da1:0"
accept-ranges: bytes
content-length: 88316
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-7.png
xskosa8152.bibosavings.com/Content/images/ 86 KB
87 KB 3924ms
3461ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-7.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d27850e7ce660e5880d9090ed6cad471f14db717c48bf8415432578ee8a736fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "b97a19c0f68da1:0"
accept-ranges: bytes
content-length: 88573
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 P-8.png
xskosa8152.bibosavings.com/Content/images/ 83 KB
83 KB 3924ms
3461ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/P-8.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 803529138bba0b75f02e6efbe57c1b48f992830c4a61754ac9e3281d6fa52631

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "cc5c1ec0f68da1:0"
accept-ranges: bytes
content-length: 85335
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 27 Oct 2023 16:58:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 85ms
45ms Script
text/javascript 142.250.196.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f4.1e100.net

Software

ESF /

Resource Hash

9bb78787d230094e7b59fd220af0a87160630712d25307d3dbef05fb554a261f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 10:15:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 14 Oct 2024 10:15:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.4/ 88 KB
31 KB 69ms
2ms Script
text/javascript 2404:6800:4004:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
age: 192828
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 04:41:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 04:41:21 GMT
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31154
x-xss-protection: 0
server: sffe

GET
H2 200 ChrisSkyWordTour.png
xskosa8152.bibosavings.com/Content/images/ 999 KB
1000 KB 4038ms
3576ms Image
image/png 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/Content/images/ChrisSkyWordTour.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 88892035d70bf3461739e32fb63128beab71d28c8f23cd9b611b30dea88a8521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "6764a52a15f3d91:0"
accept-ranges: bytes
content-length: 1022804
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/png
last-modified: Fri, 29 Sep 2023 20:40:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bootstrap.min.js Show response
xskosa8152.bibosavings.com/js/ 36 KB
10 KB 258ms
230ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/js/bootstrap.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "808bd4ea596fd81:0"
accept-ranges: bytes
content-length: 9776
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:34:59 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 custom.js Show response
xskosa8152.bibosavings.com/js/ 20 KB
5 KB 483ms
455ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/js/custom.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30e7fbd837eb55b9947c798846d21a74ca7b9476e98646337ae1b95ca4feb73b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 4621
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 modernizr.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 11 KB
4 KB 484ms
456ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/modernizr.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 4507
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bootstrap.bundle.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 77 KB
22 KB 483ms
456ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/bootstrap.bundle.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 009296150b2185bd0659a7ee4406f34d31d38bfbaa693b940ae496e5a9f8a838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 22419
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 imagesloaded.pkgd.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 5 KB
2 KB 484ms
457ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/imagesloaded.pkgd.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 1818
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.magnific-popup.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 20 KB
7 KB 484ms
457ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/jquery.magnific-popup.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 7361
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 isotope.pkgd.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 35 KB
10 KB 489ms
461ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/isotope.pkgd.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 9852
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.appear.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 1 KB
853 B 618ms
590ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/jquery.appear.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2597615b6993e6137aa2152e6dcd4bf8de109cb95effd026edf46cde8b118ed7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "830794c7f91d81:0"
accept-ranges: bytes
content-length: 796
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.easing.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 2 KB
1 KB 618ms
591ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/jquery.easing.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "25677a4c7f91d81:0"
accept-ranges: bytes
content-length: 1070
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 owl.carousel.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 43 KB
11 KB 618ms
591ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/owl.carousel.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 668bfb67cff6b815ff9f9b82e070d4ad8721414bca6f3de21f10fb9f3e5dfa32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 11411
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 counter-up.js Show response
xskosa8152.bibosavings.com/assets/js/ 3 KB
1 KB 618ms
591ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/counter-up.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6f191a5f1409f8ae48ad23c44b46d327c6e32820777afdb1b98df2d2bd60047c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "8bb9784c7f91d81:0"
accept-ranges: bytes
content-length: 1135
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 countdown.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 5 KB
2 KB 619ms
592ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/countdown.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4946a3890c02275e576911291991014127625e94563cbda08bf0311ef82e4828

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 2386
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 chart.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 190 KB
65 KB 619ms
592ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/chart.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4e6237fd90d957302fd87fce9fef93f75c3ec44dd5227839471a7b09602b6c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 66379
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 wow.min.js Show response
xskosa8152.bibosavings.com/assets/js/ 8 KB
3 KB 618ms
592ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/wow.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "809494c7f91d81:0"
accept-ranges: bytes
content-length: 2706
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 main.js Show response
xskosa8152.bibosavings.com/assets/js/ 10 KB
2 KB 619ms
593ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/js/main.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 581649bf50a0756e2f6082ec4814e7cfde6d8e4f6676ca48e7f51aff17c30389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "0b0cbfcf2bed81:0"
accept-ranges: bytes
content-length: 2104
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 17:39:44 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.validate.js Show response
xskosa8152.bibosavings.com/content/plugins/ 47 KB
13 KB 619ms
593ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/content/plugins/jquery.validate.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b9390f4c49051d862c90a19d71f213b45291375d10ee714c989526b13ac38bb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "805ea3e9596fd81:0"
accept-ranges: bytes
content-length: 12757
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:34:57 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
xskosa8152.bibosavings.com/scripts/ 4 KB
2 KB 619ms
593ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 904a5a899b57d7459e09dc6e4c1ee5de272d264e0f714f2279089fc39e5461ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "0226deb596fd81:0"
accept-ranges: bytes
content-length: 1783
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:35:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
xskosa8152.bibosavings.com/Scripts/ 6 KB
3 KB 619ms
594ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/Scripts/jquery.validate.unobtrusive.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11f24140f22f336529a89c2ef3a8c39263c2d48979dd5f4c7c700b022d14a650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "0226deb596fd81:0"
accept-ranges: bytes
content-length: 2497
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:35:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 jquery.signalR-2.2.0.min.js Show response
xskosa8152.bibosavings.com/Scripts/ 36 KB
11 KB 619ms
594ms Script
application/javascript 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/Scripts/jquery.signalR-2.2.0.min.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8f8daa07c2200ca04a3f51d7730e154ddf32d73b3f0db916efda86ec64bb5928

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: "0226deb596fd81:0"
accept-ranges: bytes
content-length: 11571
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 10:35:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 embed.min.js Show response
app.termly.io/ 494 KB
175 KB 49ms
23ms Script
application/javascript 104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de82179828cddd3d3786f6284fb3bfbe441c19a774058600d83125408f42a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"670981ba-7b8cb"
age: 1632
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 14:15:09 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8d26ce79b8e6ca1f-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 91 KB
31 KB 121ms
57ms Script
text/javascript 2404:6800:4004:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

193d0f42bf0b5ab4c0587f4b6969bd123168191d389b94c3b7c04eccf2b64774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 10:15:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 90ms
45ms Stylesheet
text/css 2404:6800:4004:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176e4425867e1ff53053c9cace0ea4091b9b568e075ece583f62cdb45b9179bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 10:15:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 14 Oct 2024 10:15:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 hotjar-3704765.js Show response
static.hotjar.com/c/ 13 KB
6 KB 21ms
8ms Script
application/javascript 13.35.49.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3704765.js?sv=6

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.49.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-49-11.nrt20.r.cloudfront.net

Software

Resource Hash

fbd76d22e812ae753745977a67a076c17da7cfb93d1427e55bb242a7ce493421

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: br
etag: W/bdf16be7f326ebb3de8ced6e35c9f57e
age: 9
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: xpUe7jq6OJaQmhwjxIs_BjG0AeewpMrUzjfs755WKNmWF-sVSVZ6rQ==
date: Mon, 14 Oct 2024 10:15:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 01e4ad03c80c45f7c69bb168f20c9836.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT20-C1

GET
H2 200 5756610
w2.countingdownto.com/ Frame A48B 0
0 41ms
28ms Document
text/html 2606:4700:20::681a:95d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/5756610

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:95d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 8
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8d26ce7a78c65eb0-NRT
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
last-modified: Mon, 14 Oct 2024 10:15:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FV3kiHi5DRtAreEm%2B%2FdPSFqeq3dg8%2BwHAfmy18tcL5Ybbe11%2FE11Bf%2BugkBHCVeSfB4ub3FLWLAVAQGLmPTe1v%2BOXwdJ2V9B%2FafiWX4lx5rFmLrZAHI2LzrIIB5w3bV%2FWFz6ELXfw2bJpZMo8uNwzV%2BWZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F_5KNagaycSuRNgAAa7R

GET
H2 200 5756617
w2.countingdownto.com/ Frame 61B8 0
0 35ms
24ms Document
text/html 2606:4700:20::681a:95d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/5756617

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:95d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 8
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8d26ce7a78c85eb0-NRT
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
last-modified: Mon, 14 Oct 2024 10:15:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clcqymr2HXYWKEjxd%2F7AWT8GuSCHa6wRP%2BTqLKlS%2BlipVnjyGHW1j6C%2FFPZDKxWgveDR6%2ByDrRNqGnqaFaYP%2F%2FTE9KJUNg%2BXQfLiyRTf%2BHEWmfxjeJ9gCQjFp3TmDTJ8Kv9waRDbtpi17B%2Fu8KIsUHWVWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F_5KNaVqfir0RmAABPgR

GET
H/1.1 200
OK 3d-slider-3.jpg
s3-us-west-2.amazonaws.com/s.cdpn.io/142996/ 370 KB
371 KB 874ms
175ms Image
image/jpeg 52.92.148.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/142996/3d-slider-3.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.148.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: f76a0f4e101df5868dc9081aa7e42108d8be37a4c624942e77e3764149f4e497

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

Cache-Control: public
ETag: "dfa3a2ab83c91f819dece6fa9f511498"
x-amz-version-id: null
x-amz-request-id: 8V0Y6WKSNXMXDPWD
Accept-Ranges: bytes
Content-Length: 379259
Date: Mon, 14 Oct 2024 10:15:10 GMT
Last-Modified: Wed, 04 Nov 2015 12:15:36 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: MlTffIOZznsydOqcSmnlKR4J7LpHq4oQz84JoUUjneqVkzwAthKOrrtWsBeqFknkFKqx7r9K788=

GET
H/1.1 200
OK 3d-slider-2.jpg
s3-us-west-2.amazonaws.com/s.cdpn.io/142996/ 638 KB
639 KB 871ms
174ms Image
image/jpeg 52.92.148.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/142996/3d-slider-2.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.148.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 447a37a794b4b54a5ac749b44994f5e5ea0a4f0b08a7d0db42c419d2fabe264f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

Cache-Control: public
ETag: "628d87292a57569efc120b687e95b4e2"
x-amz-version-id: null
x-amz-request-id: 8V0T1GM44H7J9HMR
Accept-Ranges: bytes
Content-Length: 653646
Date: Mon, 14 Oct 2024 10:15:10 GMT
Last-Modified: Wed, 04 Nov 2015 12:15:36 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: WXsPS52PBjHRGKOOttTyndO6BOoTqKFpFbSvRVViafEd7SDQmp0lHembTNRwkaqyBs+189acUk0=

GET
H/1.1 200
OK 3d-slider-1.jpg
s3-us-west-2.amazonaws.com/s.cdpn.io/142996/ 573 KB
574 KB 872ms
176ms Image
image/jpeg 52.92.148.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/142996/3d-slider-1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.148.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b2b2aa30bba8748c6164005eef94ffd9dec64b182e4b5ec3828cdb035ed1742

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

Cache-Control: public
ETag: "76f57c792767773954ddf8a591d4d2d4"
x-amz-version-id: null
x-amz-request-id: 8V0Y8ZBAXV9BT2NC
Accept-Ranges: bytes
Content-Length: 586984
Date: Mon, 14 Oct 2024 10:15:10 GMT
Last-Modified: Wed, 04 Nov 2015 12:15:36 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: w56/01zk6xPsv/l8Djpl3+b84iB4lekMpTWvZXJQuYrSJB7zTDVgrqEhgpFYY0U7vUMmaqSm8VY=

GET
H/1.1 200
OK 3d-slider-4.jpg
s3-us-west-2.amazonaws.com/s.cdpn.io/142996/ 833 KB
833 KB 871ms
175ms Image
image/jpeg 52.92.148.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/142996/3d-slider-4.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.148.8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a12e4a62345d0539415ce136c5cb1e2a7a8394a91fbd7107e64647f1347493df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

Cache-Control: public
ETag: "e626a2641bb097250ce7c99972aa407d"
x-amz-version-id: null
x-amz-request-id: 8V0PZDQ1C06DFS1E
Accept-Ranges: bytes
Content-Length: 853067
Date: Mon, 14 Oct 2024 10:15:10 GMT
Last-Modified: Wed, 04 Nov 2015 12:15:36 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: zYVRqrPcP/nEMyFRFzi4IoDP95b8dDMatPLPGWNr7wlBPhnc3anmv4cehdmrVezs/UQkyFUZLZw=

GET
H2 200 NPvJcyJ.jpg
i.imgur.com/ 80 KB
80 KB 872ms
131ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NPvJcyJ.jpg

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8cc39430ce01deced8dbcfd25d8adfd9eb048a539dba1efc20192508647f4869

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

etag: "07b823012602cf54b5b5cace9602568c"
age: 3349746
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: jrGViLPcmrs2R62r1bLixzzpQSb3SOKKol7sbuNqXlIP-IqmPhZ6xg==
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/jpeg
last-modified: Thu, 27 Jul 2023 19:32:21 GMT
x-cache-hits: 3, 1
x-served-by: cache-iad-kcgs7200050-IAD, cache-bfi-krnt7300101-BFI
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1728900910.966158,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81711
x-amz-cf-pop: IAD55-P6
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 18ms
13ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "5eb03e5f-12d68"
age: 396311
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcFU38dEoAW7j8BH%2Fz%2Fu9A8ic7j9Dlj001xn1GP%2F4eX4dR5go3kWdZC97nruI%2Bw3%2Buk2V7NyitR5Al9y5rfpfM%2BAU9f%2BCyZTR6lLa5473K7cr3VqHRL5KjtAvuYoQkEKBT4vRjP5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 10:15:09 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d26ce7a8df4d740-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 52ms
8ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 194344
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 04:16:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 04:16:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
xskosa8152.bibosavings.com/assets/fonts/ 138 KB
138 KB 3522ms
3421ms Font
application/font-woff2 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/fonts/fa-solid-900.woff2
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css

Response headers

etag: "a9a0554c7f91d81:0"
accept-ranges: bytes
content-length: 140996
date: Mon, 14 Oct 2024 10:15:08 GMT
content-type: application/font-woff2
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 53ms
10ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 230507
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 18:13:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 18:13:22 GMT
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 0
server: sffe

GET
H2 200 fa-regular-400.woff2
xskosa8152.bibosavings.com/assets/fonts/ 170 KB
170 KB 3651ms
3324ms Font
application/font-woff2 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/fonts/fa-regular-400.woff2
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css

Response headers

etag: "84ac464c7f91d81:0"
accept-ranges: bytes
content-length: 173596
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: application/font-woff2
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 51ms
8ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 262685
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 09:17:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 09:17:04 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 53ms
10ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 183761
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 07:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 07:12:28 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2

200

JSPa6dqpYNw
www.youtube.com/embed/ Frame 46B6
Redirect Chain

https://youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0
https://www.youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0

0
0

289ms
228ms

Document
text/html

2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-security-policy: require-trusted-types-for 'script'
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 10:15:09 GMT
location: https://www.youtube.com/embed/JSPa6dqpYNw?rel=0&showinfo=0&start=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

S3T4nhtHxOA
www.youtube.com/embed/ Frame 9AFB
Redirect Chain

https://youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0
https://www.youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0

0
0

156ms
96ms

Document
text/html

2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-DT7-5QxBHJAwcZyiDnG-aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 10:15:09 GMT
location: https://www.youtube.com/embed/S3T4nhtHxOA?rel=0&showinfo=0&start=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5790327
w2.countingdownto.com/ Frame 6C08 0
0 21ms
19ms Document
text/html 2606:4700:20::681a:95d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/5790327

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:95d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 8
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8d26ce7aa8f55eb0-NRT
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
last-modified: Mon, 14 Oct 2024 10:15:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Euc4YPXnS62iccfU73PsaLtKBqYY2DXW7Jf3G3DJ4OC8iXb7yKlxGAmlEN9T3rKZLuCE2XGfXL4DEUnnA41QGFe3v3BRTRfLHeudxfSFbSdsmRznql2NU%2FXOI988uNc4CPW%2BG8%2FNAO3fPs2S6bLGEknAHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F_5KNahT91pgg8AABPgh

GET
H2 200 contact&company=bibo
quickforms.formstack.com/forms/ Frame C28B 0
0 1101ms
401ms Document
text/html 3.163.125.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://quickforms.formstack.com/forms/contact&company=bibo

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.163.125.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-163-125-61.lax54.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=5 public
content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 10:15:10 GMT
expires: Mon, 14 Oct 2024 10:15:15 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 172c5fb61e3c25c3999628de323ae63c.cloudfront.net (CloudFront)
x-amz-cf-id: ZPmavEUaw-iyQhiA24fxBZ0ZExg8W-Ko4dOvvo0aOGaqGhVd5BsOUg==
x-amz-cf-pop: LAX54-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 GetStarteddirection1.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 4304ms
3854ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStarteddirection1.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f65a02509d006a3ec4a90e4d22f79516ae49028cf554f8dca35174ed225d0a11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/assets/css/style.css

Response headers

etag: "4dcdb5f9cbdb1:0"
accept-ranges: bytes
content-length: 1605
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 GetStarteddirection2.jpg
xskosa8152.bibosavings.com/assets/img/ 2 KB
2 KB 4308ms
3858ms Image
image/jpeg 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xskosa8152.bibosavings.com/assets/img/GetStarteddirection2.jpg
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa69d16388833f7e5704553ff0da6f037ba7de7f7a9f12de9abef4beb732c9ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/assets/css/style.css

Response headers

etag: "fc7ab7f9cbdb1:0"
accept-ranges: bytes
content-length: 1581
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: image/jpeg
last-modified: Fri, 20 Sep 2024 20:31:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 fa-light-300.woff2
xskosa8152.bibosavings.com/assets/fonts/ 185 KB
185 KB 3545ms
3329ms Font
application/font-woff2 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/assets/fonts/fa-light-300.woff2
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://xskosa8152.bibosavings.com/assets/css/all-fontawesome.min.css

Response headers

etag: "e38d424c7f91d81:0"
accept-ranges: bytes
content-length: 189648
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: application/font-woff2
last-modified: Wed, 06 Jul 2022 21:28:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 10ms
7ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 197555
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 03:22:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 03:22:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 12ms
10ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 243941
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 14:29:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 14:29:28 GMT
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 16ms
14ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 238055
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 16:07:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 16:07:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
20 KB 15ms
13ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600;700;800;900&family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://fonts.googleapis.com/

Response headers

age: 220774
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 20:55:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 20:55:35 GMT
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 0
server: sffe

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame 4CE1
Redirect Chain

https://app.termly.io/document/terms-of-service/2113cb24-ba0c-4d6d-a73f-8a26620d6760
https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

0
0

36ms
35ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b8bc9e039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b5baae039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
strict-transport-security: max-age=15768000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame 0E4F
Redirect Chain

https://app.termly.io/document/privacy-policy/995709d8-2d76-47f0-979f-7ccae7462780
https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

0
0

18ms
18ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b9bf3e039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b5bace039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
strict-transport-security: max-age=15768000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame 9C37
Redirect Chain

https://app.termly.io/document/privacy-policy/995709d8-2d76-47f0-979f-7ccae7462780
https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

0
0

21ms
21ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b9bf3e039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b5bace039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=995709d8-2d76-47f0-979f-7ccae7462780
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame 8FC9
Redirect Chain

https://app.termly.io/document/cookie-policy/88b38497-4e5e-4fc1-9127-10fea32d552b
https://app.termly.io/policy-viewer/policy.html?policyUUID=88b38497-4e5e-4fc1-9127-10fea32d552b

0
0

38ms
34ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=88b38497-4e5e-4fc1-9127-10fea32d552b

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 8
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b9beae039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b6baee039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=88b38497-4e5e-4fc1-9127-10fea32d552b
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
strict-transport-security: max-age=15768000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame EAA5
Redirect Chain

https://app.termly.io/document/terms-of-service/2113cb24-ba0c-4d6d-a73f-8a26620d6760
https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

0
0

38ms
38ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b8bc9e039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b5baae039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=2113cb24-ba0c-4d6d-a73f-8a26620d6760
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

policy.html
app.termly.io/policy-viewer/ Frame E129
Redirect Chain

https://app.termly.io/document/disclaimer/8dd34398-2d96-4596-9ec0-d6a79abc2883
https://app.termly.io/policy-viewer/policy.html?policyUUID=8dd34398-2d96-4596-9ec0-d6a79abc2883

0
0

27ms
27ms

Document
text/html

104.18.30.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/policy-viewer/policy.html?policyUUID=8dd34398-2d96-4596-9ec0-d6a79abc2883

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
age: 8
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b9bece039-NRT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src self https://fonts.googleapis.com https://fonts.gstatic.com data:
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
last-modified: Fri, 11 Oct 2024 19:51:22 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
vary: Accept-Encoding

Redirect headers

age: 9
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8d26ce7b6bb3e039-NRT
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
content-type: text/html
date: Mon, 14 Oct 2024 10:15:09 GMT
expires: Mon, 14 Oct 2024 14:15:09 GMT
location: https://app.termly.io/policy-viewer/policy.html?policyUUID=8dd34398-2d96-4596-9ec0-d6a79abc2883
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfExtPri
strict-transport-security: max-age=15768000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 546 KB
216 KB 59ms
6ms Script
text/javascript 172.217.175.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f3.1e100.net

Software

sffe /

Resource Hash

5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://xskosa8152.bibosavings.com
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
age: 79159
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Mon, 13 Oct 2025 12:15:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 12:15:50 GMT
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220951
x-xss-protection: 0
server: sffe

GET
H2 200 GetFlagForPrefix Show response
xskosa8152.bibosavings.com/Registration/ 49 B
157 B 3565ms
3461ms XHR
application/json 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/Registration/GetFlagForPrefix?prefix=%20%2B81&countryName=Japan
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2f8ea5577b1b165e4a12ede90538ed823d1740daa638368c0ec2d0cd31165ea

Request headers

Referer: https://xskosa8152.bibosavings.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

cache-control: private
x-aspnet-version: 4.0.30319
content-length: 49
date: Mon, 14 Oct 2024 10:15:09 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0

GET
H2 200 modules.02161fb4f8ebb73fb3f8.js Show response
script.hotjar.com/ 225 KB
56 KB 508ms
15ms Script
application/javascript 3.165.39.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3704765.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.39.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-39-82.nrt12.r.cloudfront.net

Software

Resource Hash

3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "dec0c1b6789c165b6cb6404022b9d8ab"
age: 7742
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: VeCtyk4vrp9Rjj5XT3Ob8hOj_g2bzIn8So15BCMa8qdD0Cd8DN_IPw==
date: Mon, 14 Oct 2024 08:06:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 08:05:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 17cc4fcf6aa1c74f9e5243cf15c47132.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56680
x-amz-cf-pop: NRT12-P5

GET
H2 200 contact&company=bibo
quickforms.formstack.com/forms/ Frame 63E9 0
0 443ms
443ms Document
text/html 3.163.125.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://quickforms.formstack.com/forms/contact&company=bibo

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.163.125.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-163-125-61.lax54.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xskosa8152.bibosavings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=5 public
content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 10:15:10 GMT
expires: Mon, 14 Oct 2024 10:15:15 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: CloudFront
via: 1.1 172c5fb61e3c25c3999628de323ae63c.cloudfront.net (CloudFront)
x-amz-cf-id: ZPmavEUaw-iyQhiA24fxBZ0ZExg8W-Ko4dOvvo0aOGaqGhVd5BsOUg==
x-amz-cf-pop: LAX54-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 track.js Show response
d2fuc4clr7gvcn.cloudfront.net/ 4 KB
2 KB 38ms
4ms Script
application/javascript 65.9.37.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fuc4clr7gvcn.cloudfront.net/track.js
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.37.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-37-128.nrt12.r.cloudfront.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-encoding: gzip
etag: W/"65f04ae5-ef5"
age: 53955
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 97d9yD7TjM2SIyCTYyy31wqquemyfYOAQdgtEG2IvRwntLLzxvLSXA==
date: Sun, 13 Oct 2024 19:15:55 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 12:30:29 GMT
server: nginx/1.10.3 (Ubuntu)
x-amz-cf-pop: NRT12-C5
vary: Accept-Encoding

GET
H2 204 3704765 Show response
vc.hotjar.io/sessions/ 0
232 B 227ms
203ms XHR
text/plain 99.84.55.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3704765?s=0.25&r=0.06098197654247639
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.55.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-55-74.nrt20.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

via: 1.1 67ca433c54bbb58bbc14d109449a1b64.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: tVpBN8ZZ4oNShYpGKgZ-TM1rP0dAfR2IB__j6O3floKF5Lv6ltnwbA==
date: Mon, 14 Oct 2024 10:15:10 GMT
x-amz-cf-pop: NRT20-C3

GET
H/1.1 200
OK track.gif
track.gaug.es/ 35 B
389 B 686ms
177ms Image
image/gif 54.144.144.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.gaug.es/track.gif?h[site_id]=66d52f6281917f783cbecd50&h[resource]=https%3A%2F%2Fxskosa8152.bibosavings.com%2F&h[referrer]=&h[title]=&h[user_agent]=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1728900910461

Requested by

Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.144.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-144-78.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, private
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sat, 25 Nov 2000 05:00:00 GMT
Content-Length: 35
Date: Mon, 14 Oct 2024 10:15:11 GMT
Content-Type: image/gif
Last-Modified: Mon, 14 Oct 2024 10:15:11 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H3 200 64.png
flagsapi.com/JP/flat/ 463 B
988 B 24ms
14ms Image
image/png 172.67.191.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flagsapi.com/JP/flat/64.png
Requested by: Host: xskosa8152.bibosavings.com
URL: https://xskosa8152.bibosavings.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ab14682c623d15aaf32386fe163b152cca3009feb2b007cc9e7c7c189864ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

cache-control: max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
pragma: no-cache
age: 1096525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGxfvhLes2R49Yv7FTGliuf%2FwCndctoqU1IbM6MrrGJ3jfEF3bkKSw24cwguwoQHBT6CJJoeVx%2BU9RK73iEHGauFzWRtXmn5qYZVKydX%2F0AIZ2%2FG8vFjwWLDSvIrRqs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d26ce924ad2f6ad-NRT
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 10:15:13 GMT
content-type: image/png
last-modified: Tue, 01 Oct 2024 17:39:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 404 bibosavingsIcon.png
xskosa8152.bibosavings.com/img/ 16 KB
16 KB 140ms
140ms Other
text/html 13.67.181.109
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://xskosa8152.bibosavings.com/img/bibosavingsIcon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.67.181.109 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 03df0d220c5e8b1b83fa7aa569906584bb9c2c95935420d95091fb05e90a8f94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://xskosa8152.bibosavings.com/

Response headers

content-length: 16636
date: Mon, 14 Oct 2024 10:15:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xskosa8152.bibosavings.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: msyvwtfulhqtwioird2eud4z
.bibosavings.com/	1970-01-21 09:00:36	Name: BrowserIdCookie Value: 690e94ac-b286-4649-8247-4adc5be93c98
.bibosavings.com/	1970-01-21 09:00:36	Name: HasSeenVideo93007 Value: HasSeenVideo93007=2
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: De5xNPrqqkE
.youtube.com/	1970-01-21 04:34:12	Name: VISITOR_INFO1_LIVE Value: RahEutBTfIk
.youtube.com/	1970-01-21 04:34:12	Name: VISITOR_PRIVACY_METADATA Value: CgJKUBIEGgAgbg%3D%3D
.bibosavings.com/	1970-01-21 09:00:36	Name: _hjSessionUser_3704765 Value: eyJpZCI6ImYxZmEwMjQwLWZlMzEtNTU3Zi04MjQwLTNiZmQ3YzZmOGM2MyIsImNyZWF0ZWQiOjE3Mjg5MDA5MTA0MjksImV4aXN0aW5nIjpmYWxzZX0=
.bibosavings.com/	1970-01-21 00:15:02	Name: _hjSession_3704765 Value: eyJpZCI6ImI4ODU5NDg5LWE2NGEtNDI3My1iZjljLWY4OGNhYTU1OWZkYyIsImMiOjE3Mjg5MDA5MTA0MzAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
xskosa8152.bibosavings.com/	1970-01-21 00:15:04	Name: _gauges_unique_hour Value: 1
xskosa8152.bibosavings.com/	1970-01-21 00:16:27	Name: _gauges_unique_day Value: 1
xskosa8152.bibosavings.com/	1970-01-21 00:59:39	Name: _gauges_unique_month Value: 1
xskosa8152.bibosavings.com/	1970-01-21 09:00:36	Name: _gauges_unique_year Value: 1
xskosa8152.bibosavings.com/	1970-01-21 09:00:36	Name: _gauges_unique Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xskosa8152.bibosavings.com/Content/images/banner-5.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xskosa8152.bibosavings.com/img/bibosavingsIcon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.termly.io
cdnjs.cloudflare.com
code.jquery.com
d2fuc4clr7gvcn.cloudfront.net
flagsapi.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
quickforms.formstack.com
s3-us-west-2.amazonaws.com
script.hotjar.com
static.hotjar.com
track.gaug.es
translate.google.com
vc.hotjar.io
w2.countingdownto.com
www.google.com
www.gstatic.com
www.youtube.com
xskosa8152.bibosavings.com
youtube.com
104.17.24.14
104.18.30.234
13.35.49.11
13.67.181.109
142.250.196.100
142.251.42.131
172.217.175.3
172.67.191.123
199.232.196.193
2404:6800:4004:80a::200a
2404:6800:4004:818::200e
2404:6800:4004:823::200e
2404:6800:4004:824::200e
2404:6800:4004:828::200a
2606:4700:20::681a:95d
2a04:4e42::649
3.163.125.61
3.165.39.82
52.92.148.8
54.144.144.78
65.9.37.128
99.84.55.74
009296150b2185bd0659a7ee4406f34d31d38bfbaa693b940ae496e5a9f8a838
01ab14682c623d15aaf32386fe163b152cca3009feb2b007cc9e7c7c189864ce
028389daee5f67c666ffc12601f5214ad3240655524a5154c30124c375f0e553
03df0d220c5e8b1b83fa7aa569906584bb9c2c95935420d95091fb05e90a8f94
050503ad350353f99bf39d9e02e8afc2075e0c6f626449704faf3ac96ab2bfe1
0aff8c1a3b58bbfb2c6a9529a67ff4d00f6db5e570251540eb1087e8dca62e31
0c0431e5ddacb945058ad5ce125d953f660a7df22548c8b8c111208307e7e6b0
0de82179828cddd3d3786f6284fb3bfbe441c19a774058600d83125408f42a8e
0e39fc6581d1157b1f25b4500777aed78ff234475fdc04b6f3c66b0df4262d53
11f24140f22f336529a89c2ef3a8c39263c2d48979dd5f4c7c700b022d14a650
12c7ce93e578867823ef48632729582b21672919f64133a6fbc8d2a29f290b4f
141817e31e4281ccdb0a8be5dddd74eafcf3e55bcd2afa57e6f7b1ff28572db3
150053ee55e7971e10ca45542c5dff126a3c616d14e1455701e6a2697a4722a9
1660558b6aeb5400d8376410238afd32d489184f2ea4109a4fbe76cd2dde3d91
16c0eb84461f5dbdbe9110a4827f7ea09bc768dcfc4dffd1cdda4167121118c9
16eb16e4a08c5f7b7d45cd1029d493c1dc79d67bd11d6255c9664696d5e36fb0
176e4425867e1ff53053c9cace0ea4091b9b568e075ece583f62cdb45b9179bc
1917d54b8030dce3d54569b04356d627f9c300daa15b16c655f16c71aeb40ac2
193d0f42bf0b5ab4c0587f4b6969bd123168191d389b94c3b7c04eccf2b64774
1a159fe274130b2f3b5a3aa6c65ff30a977fbf1e67e650b3321837112a413980
1b033b8d01e0572b874ad7a1c8874bd5dfd71f754fffea8c70e674792c540d38
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1b2b2aa30bba8748c6164005eef94ffd9dec64b182e4b5ec3828cdb035ed1742
1bf29d8202d94238cb1946787e41653a35139dd8308c001fe23b0c9eeab54c6a
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
1ffeccdacffae417f66aadeb3636216ba4010422df7b0fd7ca6d93e80c00dcf8
20309123a84ff0f93acab07462b8d16c082fa138ccf31ffe2a758b282c37cae3
20b50245688a840c3b0b12c71176309cb1449265b4837e0c47e4bc58bc4e2da7
22e8c910d255cb8f06e430a1497d7b0b4a1161ad4cbcf33341191d0aa162d1f5
23773caee40e4e2264e01c8124be0fbe289c6a7cea00dec8c3dfe404f3a1f281
2597615b6993e6137aa2152e6dcd4bf8de109cb95effd026edf46cde8b118ed7
278ca7e89b255379c633f71271939ef9aa063819e4e3244203b5c3e88d9c77de
28a9148b4dc1e4dfb59f0fa7aadb1aa75678576fd40869fc4dcbe6596a1e9d84
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2c90517888161a34b4ecf7da79dc83fff4510933cbc4656cd9dca8d8f676935d
2e2bfb4c23e2174e1d8b296747e28de9acc0724325f7f34bee3ca5e9dfb47202
2e624454583f6136a553058fa39aa381a0be2a4da4fe60835814d6ac8fc4d2d2
30e7fbd837eb55b9947c798846d21a74ca7b9476e98646337ae1b95ca4feb73b
3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461
352ed9aa669bb3aea7d6a1a28558dde46c9b5a370d9ccc65c14c75b52a9a1608
35cb005e75081011cf1f0bf2a81f5e06c254c55cd8cd7e938ea0ef0b1e533210
3b24171d30d0e1b3787ea7366d2e3206615595ddb3d852e184ca8d4b5fc2cf88
3b32683f072f9e63ca6a004578a218470580ffb06b913a9f0f48d0652fc29fa7
3b70348c9ace6191a9bc978cef25305fb297e2fdd4c406f4375b0cd7bdf51261
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
3c8ad852b0539a0a7a58ff97b0d2bb09944f9babadc2ebd1948d6c70f0a41d34
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
447a37a794b4b54a5ac749b44994f5e5ea0a4f0b08a7d0db42c419d2fabe264f
4946a3890c02275e576911291991014127625e94563cbda08bf0311ef82e4828
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
4e805be8df3025d1a73b88bb600b0e37e1d2c1854be6fde2649bd5ffa9324dfa
4ec9e3d01c33b6d7165639151a607b134c0447dff22579415d7816fd0dadcb54
521b99127871b7adf5700061c740de965058b59873b8e20c0e8aaa554c6242c5
54bbb98001c618adf4d9b0e9eb53a75bd6860709042a4f3efa09b881bbad93ac
581649bf50a0756e2f6082ec4814e7cfde6d8e4f6676ca48e7f51aff17c30389
5937eda4ab024692e6c6f8486554e9434d9c0b9c3164ac01a6f50a5fc13345d9
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5e20ca5e78f7da3e735c6c2cbf16043a67ad769d3c9e59de34a33c45b4084b80
5e6a33e38673075a98b17035c64442f11ea344553bea8b4c2cecda2da03c13c8
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
5fc227887ffdcf0ab45ef170583c17acb0f8a2a38ad11bd2e38ab0e15959dfc8
60e2d1b20246e87887928c7cba937ec66432a09fa33127081dc20e03adeeb5d1
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
668bfb67cff6b815ff9f9b82e070d4ad8721414bca6f3de21f10fb9f3e5dfa32
68a76c86c9f9bad498c81268ed0b6f11c7700a227a280e690cf64c1e350bed0d
69765878d940dc2cd7516eae3c352079626dc3c5986591294dc5e59bd9610388
6986f82a261d49907a9d7c4ecb20865f0845db70488184a98456a7b1e5f1243c
6acd2c55c81597e4e19d39660880795d522216540809120417503cf354189de1
6f191a5f1409f8ae48ad23c44b46d327c6e32820777afdb1b98df2d2bd60047c
6f3afbb9803e27f71723f073c4b8f59ba4f6cbfc0073c1da7297948347765f33
70496a3839817a861767b251f101c3e4a8426ed4252f3399c68d4216085205c8
7331a713a353c75966f06f7fdfeb944c53405e4192b501e4f69618dca5143089
7572e3ed0de7d9479a3887424801549a66964ada6657e15c6de5d6082379f1f2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
803529138bba0b75f02e6efbe57c1b48f992830c4a61754ac9e3281d6fa52631
822ff8079e2f76366c7ef22ba68bc80567e91bc868f20285fd1893d94b24e9c4
82eddc544822207b4606f13005e94c67c6de2f498c380a133f422e747a4fdf30
83163c5378089574169aa629b56acfcdd3d76919778935c2d4d55bd220f57127
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863af78e1a624989449da9d8af711097e68b66f2a4ce28b2ee2b6c7357646615
88892035d70bf3461739e32fb63128beab71d28c8f23cd9b611b30dea88a8521
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89bfb09e667f48e096b7b3b3c133fd631a8cd35a56a74110e802908a35c4ee89
8a81060ab3b754d9dc15cd950b4f0d6667a37164cfaf7bef2d35a9ab4c28af27
8aa2f389b7a85b20dde4951d73190d5b2bc579ce086d77782f033547755f2bb6
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
8cb49e8771cdea5461e0039ecb2b0a30853340db2153c49752e4415b100b45ab
8cc39430ce01deced8dbcfd25d8adfd9eb048a539dba1efc20192508647f4869
8ef32313986322fb5f4d9c7a0a1cc20f9c1c7fd0ca87258ad473ee97701022b2
8f3574acaf002f47f134879564ef61445d87819b50f330d3786f991494877166
8f8daa07c2200ca04a3f51d7730e154ddf32d73b3f0db916efda86ec64bb5928
904a5a899b57d7459e09dc6e4c1ee5de272d264e0f714f2279089fc39e5461ca
91a259ae724877192d0fe3bef2aa53a436fa68cec7f3d8a0a3221ce7efbbb518
9bb78787d230094e7b59fd220af0a87160630712d25307d3dbef05fb554a261f
9bc33b33374f93377758c2268a4d8a515d558da2f51808989856a931b21c098f
9e4d404b484884ebdc834f6fe5323b18f0c1585cc3e10b7c5005e584cc142629
9ed23c503594526e4e0bd4beab7e4c81b91c7742ae1777e2638ea43de92536b6
a04c190af52fe1e444b313aa731036017303cc46c459cbfec341c6f5aec89141
a0ed1be10257b5aa8f8e887f3ad2a5be30b8ef5871f8860fd40903cabbf1d750
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a12e4a62345d0539415ce136c5cb1e2a7a8394a91fbd7107e64647f1347493df
a180ca47ae95f809d2410b4753eac5ffc45eaf8caa0f5b9723a987e8667bd952
a1dac5db4b8d0aca864034269a0155057b4e0a8e2fa98ca15bedc60f61db5e56
a34bf3bd53c1a474e166d981c9689e674989a47ce1f961689e418b0de9d58d3c
a61e123314188bd0453320008e01b4bbb665bee09039f4cbd9bef44de410ce67
a709ba73494d55e6969214753f110414ce3bac35e3752dda7d38f6fb87c330d8
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
a96c21672b34a2f47197f6d5ae5ae4b6012d6fac6cfca1c851f66901c9c8abf4
aac2f64ab635d3ade192d4b135500b9609501f45773fe4e7774955892308dd2c
aac9015a03680d99181ea3e1a3b96e805565ca1a54e1326d904cd037ac4beb44
acc6a5cabf1139a96a5a215c664e49c657c90cabe62e32bede18a00b8f0a1180
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b6223c1e647e59da86a937c846f274c4bb55d3547fa59de070c1d9d444ca8d90
b6a9772319b76bfb10257498bcc6dd051af414e71bedf787c12f1a369217f83b
b74c5f7d10f2fd831ecc303a65c72e6b242ee658fd40a89f831b6e4896c0e1a8
b9390f4c49051d862c90a19d71f213b45291375d10ee714c989526b13ac38bb1
bca6c2eafac2d239607444a1f6f0404b3c155c11520469a3d2e4eae2efaf2f3c
c079772873682cb81bf90ada8acb0d58ded9303949434b089da143e179b0a6f4
c1bcf59bd7203b174ea22be17b496e83e2f816c2b7aecc12f879ecde2a2c13fd
c45dc3d4bd33273659d24d8920b06c108941b8cbe2fb0147f417f7685fc4427f
c5ad5b6b34d24364671e4783efd176a1891bfca04e6cc489b0fee2d81013c5c7
c6927472f8d213e3316934cd18b1382208f9d28a1fb2cb7b4425b9669b1bb456
c8704d4974b0bfc3b881ac4189424d76437453d20a8e27e51018cd7b33d1ee09
c989637573e679c547a2a1fef1c768a4ddc95187d0c3ec479f355d94e50af6fb
ce16d142a5916d7775a1cd70d579dafffcddbf6efaad06b32c230ade11bda34a
cf88b7bf05af7253805e4455d9525bb8669ab55400a9d0e814d8d5723f2eaac1
d276d3e3cd7cfff35ac59cb0a59e1eed2c6411c5f03ddc3f8bb45055489f7295
d27850e7ce660e5880d9090ed6cad471f14db717c48bf8415432578ee8a736fc
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d4e6237fd90d957302fd87fce9fef93f75c3ec44dd5227839471a7b09602b6c3
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e2f8ea5577b1b165e4a12ede90538ed823d1740daa638368c0ec2d0cd31165ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaeadaf06c4bfd9532d3224945e4d7e31b3ca63e9d64cb12419c9635db2a2cac
eb7037dcaeace58b787d78849ba79eb26a265b06f31122e229064b0026c99ede
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed1f65f1cd0a7cba881d2909a3ef917c92f894d27f6b58ef5d661848d9e33205
ed5e38902e04c76f61ecb69cac017313b667c1b51cf5b0fab9d21cc96497ae93
f65a02509d006a3ec4a90e4d22f79516ae49028cf554f8dca35174ed225d0a11
f75c46c420cfcff5b618fbfaf632ea4148e8b4e9aea00c03af19ab54c4e90625
f76a0f4e101df5868dc9081aa7e42108d8be37a4c624942e77e3764149f4e497
f9453aebbf2d72533aaf2a95cda2a9de9a1192be5317a78d99c2c106eced0b46
f9562eda832803ac60645d8ca4083db2630b9a9bb1b4aa138e46e1731996858e
f97dbfeb0d09de72225a799274f042609039ff5596559aba2008636b1a0b6d51
fa69d16388833f7e5704553ff0da6f037ba7de7f7a9f12de9abef4beb732c9ec
fbd76d22e812ae753745977a67a076c17da7cfb93d1427e55bb242a7ce493421
fcfd777cced05e195fc9e3b1d0c13190f8d77e41212bfa1eab724f926a8cfdce
feb14bae57b7560e5496f94941acff47c0278fb2bc0e406c89a03ac7dcddcfc2
ff54da28d6794824e68069ef9de644b1e1d01d29520ad531c1c20c20959790e6

xskosa8152.bibosavings.com Open in urlscan Pro 13.67.181.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

168 Requests

100 %HTTPS

32 %IPv6

17 Domains

22 Subdomains

21 IPs

3 Countries

15109 kBTransfer

17643 kBSize

13 Cookies

1 Outgoing links

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xskosa8152.bibosavings.com Open in urlscan Pro
13.67.181.109 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

100 %
HTTPS

32 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

15109 kB
Transfer

17643 kB
Size

13
Cookies

168 HTTP transactions
0 data transactions