ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C26&mn=sn-a5mekn6d%2Csn-n4v7snls&ms=au%2Conr&mv=u&mvi=4&pl=19&spc=qEK7BwYP_GRifVbEZY0ScrLoULZ-ttN4bbcLMTzpEQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=fNdz3XVwiik8AdeYqMq42FcN&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1686954333&fvip=1&keepalive=yes&fexp=24007246%2C24363393%2C51000011&beids=24350018&c=WEB&txp=6216224&n=a53oZez_6ft4BW2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL3YC_RkR9mUsVW_-eIhCpKrUwMlN72NXpI4AbyRRwmrAiBRJjINrLE5lJuuhe2U43cScwV1HxmgKe9vCRK4wcTfsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgSA9sb1lJ9z8DAjqlZNe6iag_sxlzoKPu984VrewwY2QCIQDk1NRWsb--44xSJEKIzLmCrVWP98Nkr-7LeRcYStyoww%3D%3D HTTP 302
• https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=qEK7BwYP_GRifVbEZY0ScrLoULZ-ttN4bbcLMTzpEQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=fNdz3XVwiik8AdeYqMq42FcN&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363393%2C51000011&beids=24350018&c=WEB&txp=6216224&n=a53oZez_6ft4BW2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL3YC_RkR9mUsVW_-eIhCpKrUwMlN72NXpI4AbyRRwmrAiBRJjINrLE5lJuuhe2U43cScwV1HxmgKe9vCRK4wcTfsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5lznes&ms=au&mt=1686963923&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANRvYN9o-BKQ9E1LiAJCm4zVTO91W65uFPeIPO4pgKnKAiAjCt0B9fDtLe1E_z8A0A4WWb-SSD2QZNCLUCRVER46ow%3D%3D

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request jzBSBRX Show response ibb.co/	22 KB 6 KB	492ms 275ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash bc184bf727781fb29c695eaf55d30cd8ae3c94b300b196b663e00dd3ec1695ef Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 17 Jun 2023 01:13:04 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	42ms 17ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 406982b8ecdd220a552875f3e7c224f577034e04d5d4e4da90ca5e4fed066e06 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 17 Jun 2023 01:13:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 17 Jun 2023 01:13:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 17 Jun 2023 01:13:04 GMT
GET H2	200	ibb.css simgbb.com/3991/	115 KB 26 KB	57ms 19ms	Stylesheet text/css	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.css Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 81 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzvKEVFo%2BuqKJWW%2FZOLwKPDAZ08ZFZqd8EfkCpzpJvlMpFrRu6Hlky9GBFiRp3bCg5vsXi1dS0mpVYue4jS56Znlaucgm9C%2FKMySUIrgtVOdngr1vQJhZVivI%2FTzJGescmu3hsYS21Qw"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 7d876d8e3c1c37ca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	69ms 13ms	Script application/javascript	2606:4700:e2::ac40:8c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-id fr5-hw-edge-gc52 date Sat, 17 Jun 2023 01:13:05 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 8EC0MRNQSACJJN31 age 5972 x-cached-since 2023-05-28T08:48:08+00:00 x-nginx nginx-be alt-svc h3=":443"; ma=86400 x-amz-id-2 g9xNtQ0Xd8wT90dNS3fydL2ooTH/ZVvW9+RBP+VNMOAT1uDuKpm3uQ34dly4aPMbZqDxLsckGDc= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBzytP4w6FpsLdLZQPjSJKNqhvqknZ6AJH72XbKSLfY3RNnz2qYtDbmY1cyEh7rD6c1m4NtZYWXKaR0e9nuEnHSxKFxW0Lhk8sV2Nz2NLx0pl5ilDQPW9hDiqS%2F5pQySc%2Fzldk4rYLyq%2BGIRvCCL7pNGWDsgSVXkOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache UPDATING cf-ray 7d876d8eaae31c2a-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	554 KB 144 KB	84ms 29ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 666f008adfea5528c6619cb83e20c93730367947daf103687b12cdc10aa0d813 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 340 cf-polished origSize=567252 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-06-12T22:06:15 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7d876d8ebb072bc7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	15ms 13ms	Image image/png	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3876 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6Kb1P9RznUWd%2BY6Vqy0CS88Sz96xkD%2FuM5nN2DMrQxJeMYLIV3EVKwY7A3hn56JCewmt5FZsxYedqiUjtlbqSl10wcyMfNL8VnhscCjnS92GwJbpir3uKvK0ChMkakEa%2FqVhvfF3eIO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 7d876d8ebc8337ca-FRA alt-svc h3=":443"; ma=86400 content-length 938
GET H2	200	6-F5-F3-BB3-C166-4-D8-B-9039-042-AB1-B8-C6-E3.jpg i.ibb.co/RNZqZyw/	59 KB 59 KB	81ms 14ms	Image image/jpeg	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/RNZqZyw/6-F5-F3-BB3-C166-4-D8-B-9039-042-AB1-B8-C6-E3.jpg Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash abfbe760b2c5952eeec7ea2a3566cfa24620af4d5911e67b757182450d95158a Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT last-modified Sat, 17 Jun 2023 01:08:54 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 59931 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	84ms 27ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT cache-control no-cache server unknown content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/3991/	114 KB 41 KB	27ms 26ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6391 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8h5Rldg5mGQzP59I65lwpAO0M0xn7Pp6aSddrN7BKg3HO%2FgPGMwbWL8ZtDxsl8V4keWKqebazHONX%2BDlqR8h6nRXUqOccyhqct6s0dGs0Y1MEdnrw037icTg6%2FYGNUPFqBVFYhV6RDg4"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 7d876d8ecc8437ca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/3991/	216 KB 62 KB	19ms 18ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.js Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca2cda436af69419be5a8c2a60d4c719bcc1a160f8b7aed3b1871428ca4731f Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 121 etag W/"63db96ac-35eda" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaeUkku9sgLt8JhIqHqPscexF8%2FZpToQeQBjsxGJPdJN3qCPCS576meG0gnsz0ENKMF6SCZtoHlKcL46k%2BTxl0%2FlMVAsTe0FziDcNnmqkE3LdiDnPWLksF8y83CLddkX5JlKWgJUbegX"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 7d876d8ecc8637ca-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 86F8	26 KB 6 KB	138ms 85ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 6d1ffcf1c4deed5b1e694dd82465d33de4c660f6960c0ceeec82fa20b540b7fa Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 17 Jun 2023 01:13:05 GMT server unknown vary Accept-Encoding
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	32ms 12ms	Font font/woff2	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/3991/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/3991/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6522 alt-svc h3=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGBWsxvmuiKFfFdEr8PLLP%2Fpx3o6duSKyU3XL33KHRWyuOqEOAjYw9w3k8QgJq2a0qPNXyoZY%2FOP1%2BEoVRjcu5UaZ1h4VlmphLpmQVqE%2FeRl4S4y%2BGKbenfwSwzDDFHEx2EXz%2BZ1ReSy"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 7d876d8eeeed91de-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v35/	47 KB 48 KB	34ms 7ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 10 Jun 2023 05:45:28 GMT x-content-type-options nosniff age 588457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48412 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 05:45:28 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 380 B	64ms 23ms	Script application/javascript	2606:4700:1::6813:844e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 17 Jun 2023 01:13:05 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7d876d8f1a359a03-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	6-F5-F3-BB3-C166-4-D8-B-9039-042-AB1-B8-C6-E3.jpg i.ibb.co/W0qLqtJ/	3 MB 3 MB	14ms 14ms	Image image/jpeg	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/W0qLqtJ/6-F5-F3-BB3-C166-4-D8-B-9039-042-AB1-B8-C6-E3.jpg Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 8f57de932292514d26bae384baddbc84be0ff705b82db8076bb03cfb8e763ad3 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT last-modified Sat, 17 Jun 2023 01:08:54 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2747505 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 344 B	176ms 146ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cebfa9d8f332ff627f7debf0c4e17bb8039a198947f93364cdf7f89234214371 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 17 Jun 2023 01:13:05 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7d876d8fc9e0693a-FRA content-length 42 alt-svc h3=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	di.min-v477068.js Show response pt-static4.awepsljan.com/npe/_common/script/incognito/ Frame 86F8	3 KB 2 KB	63ms 13ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static4.awepsljan.com/npe/_common/script/incognito/di.min-v477068.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT content-encoding gzip last-modified Fri, 16 Jun 2023 09:24:22 GMT server unknown etag W/"648c2a46-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	advertisement-v477068.js Show response pt-static3.awepsljan.com/npe/_common/script/adblock/ Frame 86F8	21 B 277 B	86ms 8ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static3.awepsljan.com/npe/_common/script/adblock/advertisement-v477068.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT last-modified Fri, 16 Jun 2023 09:24:22 GMT server unknown etag "648c2a46-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 21 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	cifra-v477068.css pt-static1.awepsljan.com/npe/cifra/styles/ Frame 86F8	16 KB 4 KB	55ms 10ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/cifra/styles/cifra-v477068.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash c27249b2c0e9f32fef6ae59a52d27ca65366d82fc31bcf52f5daa858937a4504 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT content-encoding gzip last-modified Fri, 16 Jun 2023 09:24:23 GMT server unknown etag W/"648c2a47-40d9" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=1209600 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	cifrafk-v477068.js Show response pt-static5.awepsljan.com/npe/cifra/script/ Frame 86F8	322 KB 116 KB	69ms 10ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/cifra/script/cifrafk-v477068.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash f8e284439a2862a0f6989ac2e038dc9b80852572876ef1fcff9976a65b99bbab Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT content-encoding gzip last-modified Fri, 16 Jun 2023 09:24:23 GMT server unknown etag W/"648c2a47-507c2" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 86F8	206 KB 70 KB	40ms 15ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8980aadf535b56ccdc97bd4c631b73648d5a69a3291bf01ffe997775157bd863 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71224 x-xss-protection 0 last-modified Sat, 17 Jun 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 17 Jun 2023 01:13:05 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1685418631/	13 B 265 B	142ms 141ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1685418631/vl.json?page_url=https%3A%2F%2Fibb.co%2FjzBSBRX Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT cf-cache-status HIT last-modified Sat, 17 Jun 2023 01:10:35 GMT server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7d876d90ff7b381c-FRA content-length 13 alt-svc h3=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1685418631/	30 KB 4 KB	20ms 19ms	XHR application/json	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1685418631/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f832a66c98b28f44d98a72036caa223129cdca3eec2c57f1e3532af830afbd20 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br cf-cache-status HIT last-modified Tue, 30 May 2023 03:50:58 GMT server cloudflare age 1545543 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7d876d90ff7f381c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	c542e8fa932911e192e74d5de69e6668_glamour_460x345.jpg galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame 86F8	37 KB 37 KB	46ms 11ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1c/c542e8fa932911e192e74d5de69e6668_glamour_460x345.jpg?cno=f176 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash d7190dd0903a1e85fa745524ec71ca543890cdecc67d8c2475607b18984c359c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff last-modified Wed, 14 Dec 2022 22:06:14 GMT server unknown etag "e0069d1f4a27d2b6a9a9742527c4fc43" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 37452 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	8684b4cf605b0fe12632a5042e6a6d2d_glamour_460x345.jpg galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 86F8	21 KB 21 KB	50ms 12ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/8684b4cf605b0fe12632a5042e6a6d2d_glamour_460x345.jpg?cno=6d50 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 0d58774c3bba8ef1f1b584162e72c7853e695902da70a2b636e3e644a5687da5 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff last-modified Fri, 09 Jun 2023 10:46:23 GMT server unknown etag "48638a7236c21d74c822d9dcce4ac822" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 21220 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	884d23c01d75048bf5f8e0959eca5d42_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 86F8	26 KB 27 KB	50ms 11ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/884d23c01d75048bf5f8e0959eca5d42_glamour_460x345.jpg?cno=7229 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 6acba3aa42e9e484647119a19534439981f83ba9afe3b4ba40d56170ea4fb6d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff last-modified Sun, 11 Jun 2023 02:16:27 GMT server unknown etag "f3aba6e78086dfbf5a396937d3ab1fb4" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 26819 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	16b8523c27361f6668047fb764d5d35a_glamour_460x345.jpg galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 86F8	32 KB 32 KB	53ms 15ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/16b8523c27361f6668047fb764d5d35a_glamour_460x345.jpg?cno=5092 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 4dfd9910c3b9ba15e65887c7b9c3a1e3ce0001068fddf4eff48438afc6a31573 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-cdn-node defra date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff last-modified Sun, 14 May 2023 06:37:22 GMT server unknown etag "7b961ef0ae89a3654219663aaf1ab489" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 32599 expires Sat, 01 Jul 2023 01:13:05 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 86F8	51 KB 21 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 17 Jun 2023 01:04:42 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 503 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Sat, 17 Jun 2023 03:04:42 GMT
GET H2	200	prebid-7.48.0.js Show response assets.vlitag.com/prebid/default/	561 KB 172 KB	43ms 27ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 754559 cf-polished origSize=575587 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block cf-bgj minify last-modified Mon, 08 May 2023 07:36:47 GMT server cloudflare etag W/"6458a68f-8c863" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 7d876d915d342bc7-FRA expires Thu, 08 Jun 2023 08:06:53 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	62ms 24ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 23c9e4148fda72b71521b117d3cbfd35068f4d591ca9c5291a59bc82bf08071c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26700 x-xss-protection 0 server cafe etag 204 / 19525 / 31075490 / config-hash: 4553594699066521459 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 17 Jun 2023 01:13:05 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	361 KB 121 KB	52ms 20ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123120 x-xss-protection 0 expires Sat, 17 Jun 2023 01:13:05 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	31ms 17ms	Script application/javascript	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1203694 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 7d876d915d322bc7-FRA expires Sat, 03 Jun 2023 03:20:56 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	236 KB 58 KB	39ms 6ms	Script application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 00:17:43 GMT content-encoding gzip via 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) last-modified Thu, 15 Jun 2023 18:14:55 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 3323 x-amz-server-side-encryption AES256 etag W/"9352f20e556bff9fea6fd0461aac850d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id ayqp5KqJOjgFBCXPEKbbrU8TqYP4VfhioW1HqKiFmNNF-GvOdDP6Ew==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	20ms 6ms	XHR application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU content-encoding gzip via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) date Fri, 16 Jun 2023 04:50:13 GMT x-amz-cf-pop FRA56-P6 age 73375 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 26 May 2023 01:35:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id IFHPMv6aKRf-1VFIiAR_r23or81aAi_ebDJBsIfTP_xqFwKsqds8Wg==
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 86F8	227 KB 80 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 40e2c7bbcbb5bf59ddcf703314e98e99bc6ad33acabf9efabb0bf48ce50252d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81357 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 17 Jun 2023 01:13:05 GMT
GET H2	200	gjZ.gif pt.protoawe.com/qYPe1/ Frame 86F8	43 B 296 B	11ms 10ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/qYPe1/gjZ.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1 Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Sat, 17 Jun 2023 01:13:04 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/	411 KB 127 KB	50ms 7ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075490 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 16 Jun 2023 20:36:07 GMT content-encoding br x-content-type-options nosniff age 16618 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 129960 x-xss-protection 0 server cafe etag 10643696450713337328 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 15 Jun 2024 20:36:07 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	39 B 581 B	96ms 15ms	XHR application/json	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibb.co&ppc_eid=31075025 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 15f26c097dff91e28add0976b58d2067e2c29113e098aad9f90a5b1a6b9c3a7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39 x-xss-protection 0 expires Sat, 17 Jun 2023 01:13:05 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 304 B	6ms 6ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 16 Jun 2023 19:19:17 GMT via 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 21227 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id SEXDXQT3XHJt1_eKAp0qbXQWc2w68ZKqSBwukjtiOLtvmUc8SJ640A==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	50ms 7ms	XHR application/json	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230617 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2763df125b4e51506053d05c7d294f30031c805b97d645388650579b47c307e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff content-encoding br age 33142 x-jsd-version 1.0.1722 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 854 x-served-by cache-fra-eddf8230069-FRA x-jsd-version-type version etag W/"63d-220AJ07IjLAUXRN60Jhah900CHQ" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	1679645040.png assets.vlitag.com/widget/2023/03/24/	98 KB 99 KB	16ms 15ms	Image image/webp	2606:4700:10::6816:3bc7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2023/03/24/1679645040.png Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:05 GMT x-content-type-options nosniff cf-cache-status HIT age 1203701 cf-polished origFmt=png, origSize=323185 content-disposition inline; filename="1679645040.webp" alt-svc h3=":443"; ma=86400 content-length 100856 x-xss-protection 1; mode=block cf-bgj imgq:85,h2pri last-modified Fri, 24 Mar 2023 08:04:00 GMT server cloudflare etag "641d5970-4ee71" vary Accept content-type image/webp cache-control max-age=16070400 accept-ranges bytes x-robots-tag noindex, nofollow cf-ray 7d876d933e622bc7-FRA expires Tue, 30 May 2023 21:31:32 GMT
GET H3	206	videoplayback r4---sn-4g5lznes.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y https://redirector.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C160%2C2... https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C1...	160 KB 0	81ms 8ms	Media video/mp4	2a00:1450:4001:10::9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=qEK7BwYP_GRifVbEZY0ScrLoULZ-ttN4bbcLMTzpEQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=fNdz3XVwiik8AdeYqMq42FcN&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363393%2C51000011&beids=24350018&c=WEB&txp=6216224&n=a53oZez_6ft4BW2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL3YC_RkR9mUsVW_-eIhCpKrUwMlN72NXpI4AbyRRwmrAiBRJjINrLE5lJuuhe2U43cScwV1HxmgKe9vCRK4wcTfsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5lznes&ms=au&mt=1686963923&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANRvYN9o-BKQ9E1LiAJCm4zVTO91W65uFPeIPO4pgKnKAiAjCt0B9fDtLe1E_z8A0A4WWb-SSD2QZNCLUCRVER46ow%3D%3D Requested by Host: ibb.co URL: https://ibb.co/jzBSBRX Protocol H3 Server 2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers client-protocol quic date Sat, 17 Jun 2023 01:13:06 GMT x-restrict-formats-hint None x-content-type-options nosniff last-modified Sat, 03 Jun 2023 08:32:09 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-33307028/33307029 cache-control private, max-age=12716 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 33307029 expires Sat, 17 Jun 2023 01:13:06 GMT Redirect headers pragma no-cache date Sat, 17 Jun 2023 01:13:06 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r4---sn-4g5lznes.googlevideo.com/videoplayback?expire=1686977402&ei=GueMZLWgCsGikgb3o7n4DA&ip=184.164.141.146&id=o-AM6ESDFX5K_oUpiaCeoCLAKwIYR_l6u-k63rA1u7exLn&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=qEK7BwYP_GRifVbEZY0ScrLoULZ-ttN4bbcLMTzpEQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=fNdz3XVwiik8AdeYqMq42FcN&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246%2C24363393%2C51000011&beids=24350018&c=WEB&txp=6216224&n=a53oZez_6ft4BW2&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL3YC_RkR9mUsVW_-eIhCpKrUwMlN72NXpI4AbyRRwmrAiBRJjINrLE5lJuuhe2U43cScwV1HxmgKe9vCRK4wcTfsg%3D%3D&cms_redirect=yes&mh=d6&mip=2001:ac8:20:271::1e&mm=31&mn=sn-4g5lznes&ms=au&mt=1686963923&mv=m&mvi=4&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANRvYN9o-BKQ9E1LiAJCm4zVTO91W65uFPeIPO4pgKnKAiAjCt0B9fDtLe1E_z8A0A4WWb-SSD2QZNCLUCRVER46ow%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 489 B	151ms 134ms	Image image/gif	2606:4700:e2::ac40:8c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 01:13:06 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid d7695c97-0fdb-48d2-8bb7-2ab363d2b31a server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POb6Qsk%2B1%2Fbkq75PAmH2jsSLJPtwv%2FwzqzfAmgSQsOdqQukMmSH%2BDSVlKHqqETic%2FDI8vWOV8hehVfaF%2FECrvvXmebgdcWL%2FlafPI9nK39iTcNfNtsqtWk3qe0gByonAvGqkscPl7dEdEPo%2B3OFPUb%2B1GFuf7X8%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 7d876d95f8691c2a-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400