ibb.co Open in urlscan Pro
185.150.189.72  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-q4flrnsd&ms=au%2Conr&mv=m&mvi=2&pl=19&initcwndbps=4688750&vprv=1&mime=video%2Fmp4&ns=Dk_nMUhGnNwjzBRB0oFtYKAL&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1675804416&fvip=5&keepalive=yes&fexp=24007246&c=WEB&n=DxN66WpbNoSjh3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTYf7SzZZwRktfh4X4ugfGb8f4n5emG4oWO8sbNVUUFYCIQDUWJCCaB4CIawzqJjVew4AMmQrK0ZvKzfEnUOTiFtWBg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANdAqsTJxDYr2A7xcCvNTTwuUJy8q8x_G7J1QyHwImcmAiEA7bYaWwOs34EPimXmlMF5nsiFGzQv39sDFH4qH91sNZI%3D HTTP 302
• https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Dk_nMUhGnNwjzBRB0oFtYKAL&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24007246&c=WEB&n=DxN66WpbNoSjh3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTYf7SzZZwRktfh4X4ugfGb8f4n5emG4oWO8sbNVUUFYCIQDUWJCCaB4CIawzqJjVew4AMmQrK0ZvKzfEnUOTiFtWBg%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1b60:2:240:3247::10&mm=31&mn=sn-4g5edns6&ms=au&mt=1675808705&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANmma1I9XrDyv5TyPZMgMzJ8kGhO_Xy5je0FqykthJ0XAiAE64ShG8HgGNCu6iC8TphQcmK2u3fJ7FpR3trbBdK84g%3D%3D

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 4jCDcnP Show response ibb.co/	22 KB 6 KB	373ms 120ms	Document text/html	185.150.189.72 RELIABLESITE
General Check archive.org Show headers Download Go to Full URL https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.150.189.72 , United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash fc11c31903383ba8826ce77981a3eecd6d200005919dda9ac7b456d52533e7ee Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 07 Feb 2023 22:30:27 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY
GET H2	200	css2 fonts.googleapis.com/	8 KB 1 KB	334ms 30ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2c459a692aed3357c56616259a74d4dab4ebdc2b8e8397b5b2d79e60ef9aa138 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Feb 2023 20:48:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Feb 2023 22:30:28 GMT
GET H2	200	ibb.css simgbb.com/3991/	115 KB 26 KB	103ms 32ms	Stylesheet text/css	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.css Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:27 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3110 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJpPHmjatRBL%2BZPwK1hLbZ1fxZYVrnN3n0IjKeDypmVv4VQK9sm6vNMievA0BA%2FhmnR3pPeoZLgWAQHLe3vZA51l1LRcQtdV3ZsDtTg6oYiDusehFwFvC1Uikbo4YQyLdZncb2DVwyJE"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 795f91f89d6a37c8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	120ms 47ms	Script application/javascript	2606:4700:e2::ac40:8c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-id hk2-up-gc11 date Tue, 07 Feb 2023 22:30:28 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 1PP0VJH1JVFGCG7H age 6009 x-cached-since 2023-02-05T20:31:40+00:00 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 cVdMZ/dQaI40sHUPoBwj0x9Arp/mAusHmudkT5WiUdYOm+RxINKmmxK7F3ZO1Q1qsEzSx3/Qrqw= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7mgItwlNPNWZUDNpiuPUe5KseWkesHavZFHA9%2BrJkrR4pEWvsVzErGb0G7W3MZdI9ZsZlrtB%2BUZAqbeG69iZdh%2BF6PtPdfZmu3LTeo6jFYQciiXCob4nviprrOnh2DaAvixqCOtnfjiJJL9s0ZtAzNv15ZJwA76qA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache HIT cf-ray 795f91f94b6a921d-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	537 KB 140 KB	122ms 41ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff562c69cc7a7f5e815c44308649949d7cc0071f903df7afad2405bfc7d18e2b Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 293 cf-polished origSize=549399 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-02-02T05:00:15 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 795f91fa1ffb9b80-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	31ms 26ms	Image image/png	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3111 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POM1QtGiX8gA6UtF6V6XgErpY741Nlwh58sGEc83VauGzaCEOIf4UOWY08kloTe8OhG0SuKNQuRxe%2FR6g5UxNbdnMMN3Ln7mLEJ9r0B9QlKzj8nih1e9mHTirfmKfDcwVv%2Fmhtk4cQmW"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 795f91fa5eca37c8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 938
GET H2	200	A47-FC388-DBAB-4282-9-EB4-5-B0-A66-E8-C67-A.jpg i.ibb.co/vJfrb6Z/	32 KB 32 KB	168ms 64ms	Image image/jpeg	162.19.58.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/vJfrb6Z/A47-FC388-DBAB-4282-9-EB4-5-B0-A66-E8-C67-A.jpg Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.161 , France, ASN16276 (OVH, FR), Reverse DNS ns3096669.ip-162-19-58.eu Software nginx / Resource Hash c57a39e774dbc7761110b7809ca76993e697b5f9120576de692e0be56ef83994 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT last-modified Tue, 07 Feb 2023 01:20:37 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 32794 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	114ms 46ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT cache-control no-cache server unknown content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/3991/	114 KB 41 KB	34ms 30ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2015 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I37C91tKM2C%2FBvKthPN8zNjzFJlSL9DCnYc%2FPKsrBhGVQ2RjhcWIz2XOQNMiVaKjfwAXRsPvInvFYpfWroRA8UuykDD5X3WNmNk7NnW2h2dJaJynYtXFAjix%2FV6nfAbh8cKyj8wL6npA"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 795f91fa5ecb37c8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/3991/	216 KB 62 KB	49ms 45ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.js Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca2cda436af69419be5a8c2a60d4c719bcc1a160f8b7aed3b1871428ca4731f Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3111 etag W/"63db96ac-35eda" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT3OtPPFxYKI0D%2Brdiw2n355eydSNODlUj%2FojrJyesn12DHllhJuT7n7hAzBfGt1JBzdZG4OgcZOAIYJaHw2DM%2FIuGXEHmgI28DprqpOIDH27KvmiKpQeBhO09uKEIRwB1cPPmQEEIiO"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 795f91fa5ecc37c8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 8B21	24 KB 7 KB	226ms 158ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 356bd8b1ca7472bf35eefbfa3545e945dd693e4d79b5430e54af5df055a60858 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 07 Feb 2023 22:30:28 GMT server unknown vary Accept-Encoding
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	193ms 136ms	Font font/woff2	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/3991/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/3991/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2462 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ko9gb%2BH%2Bfh%2F8NSlpdUpv7SDPke3ZUP3xK2MnnQvZMKVqdjCuINu5a5pgGRkYhUxsT5ca%2F4ZruROlcbAeY9TNxHAkkud33U31nY6fKCOuCH7B00VQuWPj6vnUB5BUMTlfna1PHl3KLiK"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 795f91faad48381a-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	80ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Sat, 04 Feb 2023 04:22:26 GMT x-content-type-options nosniff age 324482 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 04 Feb 2024 04:22:26 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 399 B	213ms 122ms	Script application/javascript	2606:4700:1::6813:874e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache date Tue, 07 Feb 2023 22:30:28 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 795f91fae93091dd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 376 B	207ms 162ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95c55e84ff127caecedcf3e79c3a78c9e0b657a1b67689e2577442df85609781 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache date Tue, 07 Feb 2023 22:30:28 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 795f91fb0abb2c42-FRA content-length 42 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	A47-FC388-DBAB-4282-9-EB4-5-B0-A66-E8-C67-A.jpg i.ibb.co/sFcDhdy/	170 KB 170 KB	99ms 94ms	Image image/jpeg	162.19.58.161 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/sFcDhdy/A47-FC388-DBAB-4282-9-EB4-5-B0-A66-E8-C67-A.jpg Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.161 , France, ASN16276 (OVH, FR), Reverse DNS ns3096669.ip-162-19-58.eu Software nginx / Resource Hash eeeb70d9082f855c096b6d738ccd8b7ef1d615583d09fc7bfba5aa9b1ae88b8c Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT last-modified Tue, 07 Feb 2023 01:20:37 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 173609 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	di.min-v556482.js Show response pt-static3.awepsljan.com/npe/_common/script/incognito/ Frame 8B21	3 KB 2 KB	81ms 24ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static3.awepsljan.com/npe/_common/script/incognito/di.min-v556482.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip last-modified Tue, 07 Feb 2023 07:48:40 GMT server unknown etag W/"63e20258-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin *
GET H2	200	advertisement-v556482.js Show response pt-static1.awepsljan.com/npe/_common/script/adblock/ Frame 8B21	21 B 224 B	80ms 23ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/_common/script/adblock/advertisement-v556482.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:28 GMT last-modified Tue, 07 Feb 2023 07:48:40 GMT server unknown etag "63e20258-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * accept-ranges bytes content-length 21
GET H2	200	cifra-v556482.css pt-static2.awepsljan.com/npe/cifra/styles/ Frame 8B21	13 KB 3 KB	392ms 28ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static2.awepsljan.com/npe/cifra/styles/cifra-v556482.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 34d2333071921327ac524a9f4eb92c80da512896c91b145964aced3cf0c60f7d Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip last-modified Tue, 07 Feb 2023 07:48:41 GMT server unknown etag W/"63e20259-35cb" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin *
GET H2	200	cifrafk-v556482.js Show response pt-static5.awepsljan.com/npe/cifra/script/ Frame 8B21	321 KB 115 KB	106ms 40ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/cifra/script/cifrafk-v556482.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 4cd856979227c27fd16c42b2594ab3e4c434de33db45403b8884e93c3b4c1e43 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip last-modified Tue, 07 Feb 2023 07:48:41 GMT server unknown etag W/"63e20259-50456" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin *
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 8B21	194 KB 66 KB	82ms 31ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1472a9399bc9014acac02d19ed066fab81e11407167e2295323b8a2fd3268de5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66912 x-xss-protection 0 last-modified Tue, 07 Feb 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 Feb 2023 22:30:28 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1675666446/	13 B 284 B	148ms 148ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1675666446/vl.json?page_url=https%3A%2F%2Fibb.co%2F4jCDcnP Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT cf-cache-status HIT last-modified Tue, 07 Feb 2023 01:22:44 GMT server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 795f91fc1bcd2c42-FRA content-length 13 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1675666446/	32 KB 5 KB	28ms 27ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1675666446/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41903d06af2be0e9256dce1d6d7e986557169b4c491a764b9e09dbfef0aeb862 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br cf-cache-status HIT last-modified Mon, 06 Feb 2023 06:54:23 GMT server cloudflare age 142393 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 795f91fc1bce2c42-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	prebid-7.34.0.js Show response assets.vlitag.com/prebid/default/	564 KB 169 KB	63ms 37ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.34.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e0cd7c93caed8ff26db1c4ebd8e053f8a76e7127b9f4b036c2af89653e68737 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 583698 cf-polished origSize=579129 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block cf-bgj minify last-modified Wed, 01 Feb 2023 04:21:56 GMT server cloudflare etag W/"63d9e8e4-8d639" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 795f91fc7a209b80-FRA expires Wed, 01 Feb 2023 04:52:01 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	79 KB 27 KB	198ms 70ms	Script text/javascript	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a1b4778ede68b8a3a5da3f866ccb305412627b4747c44e79b48518dbe72c827 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27210 x-xss-protection 0 server sffe etag "1476 / 626 of 1000 / last-modified: 1675786334" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 07 Feb 2023 22:30:28 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	367 KB 123 KB	234ms 106ms	Script text/javascript	2a00:1450:400d:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125826 x-xss-protection 0 expires Tue, 07 Feb 2023 22:30:28 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	55ms 29ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 267026 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 795f91fc7a219b80-FRA expires Fri, 27 Jan 2023 09:41:42 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	193 KB 47 KB	79ms 23ms	Script application/javascript	13.32.28.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.28.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-28-197.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 21:51:33 GMT content-encoding gzip via 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront) last-modified Wed, 01 Feb 2023 21:25:55 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-C2 age 2336 x-amz-server-side-encryption AES256 etag W/"a32dad266af898d87dd85cf65ca93536" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id 818y7RZKABx9Hzz7LSCpoxtUc8vEU9lKq2EBGmM2ErKSfySynKe0Ow==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	61ms 20ms	XHR application/javascript	13.32.28.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.28.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-28-197.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-amz-version-id UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD content-encoding gzip via 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront) date Mon, 06 Feb 2023 23:38:37 GMT x-amz-cf-pop FRA56-C2 age 82331 x-cache Hit from cloudfront last-modified Fri, 03 Feb 2023 23:37:41 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 4QiQ2ibIMMoZ9eUeKiDwZBxUETZ_tU6q-LWnjpmrM9EuLR_ILevVeA==
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 8B21	49 KB 20 KB	142ms 38ms	Script text/javascript	2a00:1450:400d:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 07 Feb 2023 21:12:08 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4700 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 07 Feb 2023 23:12:08 GMT
GET H2	200	abe4931d4ffe75331adf2288ae1f9634_glamour_460x345.jpg galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1a/ Frame 8B21	31 KB 32 KB	157ms 57ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1a/abe4931d4ffe75331adf2288ae1f9634_glamour_460x345.jpg?cno=ffd9 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash fe6de79dc517df07eb427c1fa32e829764e638d217b9512e95636b571dfe4c4f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff last-modified Tue, 17 Jan 2023 16:08:13 GMT server unknown etag "ea9697d5d11b1d364397852d6120fcf4" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 32211 expires Tue, 21 Feb 2023 22:30:29 GMT
GET H2	200	22c23911f9e4370b9da1a6f0c8f0a5ec_glamour_460x345.jpg galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/ Frame 8B21	26 KB 26 KB	162ms 46ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f12/22c23911f9e4370b9da1a6f0c8f0a5ec_glamour_460x345.jpg?cno=8677 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 5331767a6cf85711137c97e1b7b8233814d320e3415ad8bea12c35c70d584139 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff last-modified Fri, 02 Dec 2022 01:06:16 GMT server unknown etag "6a3a0fb45632865d8fd8a0d7d5d428db" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 26121 expires Tue, 21 Feb 2023 22:30:29 GMT
GET H2	200	1525e79c6b491bdb11dd3de836d0d847_glamour_460x345.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 8B21	29 KB 29 KB	154ms 38ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/1525e79c6b491bdb11dd3de836d0d847_glamour_460x345.jpg?cno=6d2c Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 207b748f00bd2133571d36960b1406495780ffac06d33d7e12db060cb92709c7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff last-modified Sat, 04 Feb 2023 19:35:24 GMT server unknown etag "2bd87d9ba49d57cdc7e258ac4822b345" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 29589 expires Tue, 21 Feb 2023 22:30:29 GMT
GET H2	200	1afc921549bf08c521aa33776f5bf714_glamour_460x345.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 8B21	46 KB 47 KB	181ms 66ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/1afc921549bf08c521aa33776f5bf714_glamour_460x345.jpg?cno=216a Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 618743faa961421fa8a2dec4f99e9a57c8e86c7ea8d27f2b33e7990839532e33 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers x-cdn-node defra date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff last-modified Thu, 12 Jan 2023 21:00:14 GMT server unknown etag "5372e833bbecf79c027c6f29f67104d8" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 47409 expires Tue, 21 Feb 2023 22:30:29 GMT
GET H2	200	pubads_impl_2023020201.js Show response securepubads.g.doubleclick.net/gpt/	383 KB 130 KB	108ms 39ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 21:18:24 GMT content-encoding gzip x-content-type-options nosniff age 4325 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132430 x-xss-protection 0 last-modified Thu, 02 Feb 2023 09:36:36 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 07 Feb 2024 21:18:24 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	28 B 574 B	107ms 39ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibb.co Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c1c7a23390293d0ffeed4e1affd2ddae7eb2a2548fb76a8fd884d84e547e0464 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32 x-xss-protection 0 expires Tue, 07 Feb 2023 22:30:29 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 305 B	39ms 39ms	XHR text/plain	13.32.28.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.28.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-28-197.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 21:09:17 GMT via 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C2 age 4871 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id 4gkY_DfCh8oTMGHGjqBjqZBIHB_igmJEBRVdMdxu-8jSybx_vhLMCw==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	128ms 21ms	XHR application/json	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230207 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.34.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e73ed25748bc77dff50a602e122e6833592e40f36a5c31228fb5ec0b74dff976 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff content-encoding gzip age 23381 x-jsd-version 1.0.1611 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 823 x-served-by cache-fra-eddf8230021-FRA, cache-hhn-etou8220089-HHN x-jsd-version-type version etag W/"63c-Wragkk4KW82PDEbsthKnUslq6u4" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	192 KB 192 KB	35ms 31ms	Image image/jpeg	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff cf-cache-status HIT age 998318 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 196267 x-xss-protection 1; mode=block cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes x-robots-tag noindex, nofollow cf-ray 795f91ff8d039b80-FRA expires Fri, 27 Jan 2023 09:41:44 GMT
GET H3	206	videoplayback r5---sn-4g5edns6.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y https://redirector.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C135%2C1... https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C1...	129 KB 0	179ms 20ms	Media video/mp4	2a00:1450:4001:6d::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Dk_nMUhGnNwjzBRB0oFtYKAL&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24007246&c=WEB&n=DxN66WpbNoSjh3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTYf7SzZZwRktfh4X4ugfGb8f4n5emG4oWO8sbNVUUFYCIQDUWJCCaB4CIawzqJjVew4AMmQrK0ZvKzfEnUOTiFtWBg%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1b60:2:240:3247::10&mm=31&mn=sn-4g5edns6&ms=au&mt=1675808705&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANmma1I9XrDyv5TyPZMgMzJ8kGhO_Xy5je0FqykthJ0XAiAE64ShG8HgGNCu6iC8TphQcmK2u3fJ7FpR3trbBdK84g%3D%3D Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H3 Server 2a00:1450:4001:6d::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers client-protocol quic date Tue, 07 Feb 2023 22:30:29 GMT x-restrict-formats-hint None x-content-type-options nosniff last-modified Mon, 21 Sep 2020 08:51:28 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-10427992/10427993 cache-control private, max-age=16957 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 10427993 expires Tue, 07 Feb 2023 22:30:29 GMT Redirect headers pragma no-cache date Tue, 07 Feb 2023 22:30:29 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1675826286&ei=DsDiY661DMqbkwbaurOQCg&ip=184.164.141.146&id=o-APxwmN_k_tMiWvt4cLZefSuBtr1pd0NKs5XaBVKatctt&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=Dk_nMUhGnNwjzBRB0oFtYKAL&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24007246&c=WEB&n=DxN66WpbNoSjh3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgTYf7SzZZwRktfh4X4ugfGb8f4n5emG4oWO8sbNVUUFYCIQDUWJCCaB4CIawzqJjVew4AMmQrK0ZvKzfEnUOTiFtWBg%3D%3D&cms_redirect=yes&mh=3a&mip=2001:1b60:2:240:3247::10&mm=31&mn=sn-4g5edns6&ms=au&mt=1675808705&mv=m&mvi=5&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANmma1I9XrDyv5TyPZMgMzJ8kGhO_Xy5je0FqykthJ0XAiAE64ShG8HgGNCu6iC8TphQcmK2u3fJ7FpR3trbBdK84g%3D%3D cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1261 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 8B21	208 KB 73 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9e912d93d1722941e1b39375a4c3807476bd4903c3608bc6fa39e0b260892544 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74363 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Feb 2023 22:30:29 GMT
GET H2	200	Kaa.gif pt.protoawe.com/qF9aP/ Frame 8B21	43 B 295 B	24ms 24ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/qF9aP/Kaa.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1 Requested by Host: ibb.co URL: https://ibb.co/4jCDcnP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:29 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Tue, 07 Feb 2023 22:30:28 GMT
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 485 B	170ms 154ms	Image image/gif	2606:4700:e2::ac40:8c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 07 Feb 2023 22:30:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid ed0fd8ef-6e8a-4cdf-9cb3-a0c51de547a7 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OazXZGGtSCzAGBPQX1hFgQOgTxcRrhAz1uOAKKIH6qLoLJsOU0ARrPnxchc97O74F%2By5P2KWrcyXTKgwANIqZATyQ%2F9B1Q7TZpOIKwYN0kmVbwCOeEvZZohTECBRV5y%2FcLBsgkM3tSv%2FPCnTQp1PBB59l9nHV8o%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 795f920429e9921d-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400