ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ibb.co/LY114nH
Submission: On November 23 via manual (November 23rd 2023, 5:04:51 am UTC) from SE — Scanned from SE

Summary HTTP 105 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 25 domains to perform 105 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 11246.
TLS certificate: Issued by R3 on October 9th 2023. Valid for: 3 months.

This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
5	172.67.131.251 172.67.131.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	104.22.58.199 104.22.58.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
3	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	104.19.131.76 104.19.131.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
2	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
4	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
12	172.67.158.59 172.67.158.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	74.125.111.73 74.125.111.73	15169 (GOOGLE) (GOOGLE)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
3	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	172.67.21.227 172.67.21.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.75.64 172.67.75.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
4	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
105	36

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.131.251 (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.22.58.199 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt.protoawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.131.76 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static4.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static2.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn1.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn3.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn2.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.158.59 (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.111.73 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s26-in-f9.1e100.net

r4---sn-5go7ynld.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.21.227 (United States)

ASN13335 (CLOUDFLARENET, US)

dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.75.64 (United States)

ASN13335 (CLOUDFLARENET, US)

adsystem.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 35568 assets.vlitag.com — Cisco Umbrella Rank: 44068 media.vlitag.com — Cisco Umbrella Rank: 64551 dsp.vlitag.com — Cisco Umbrella Rank: 55095	1 MB
12	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 30945 static.vliplatform.com — Cisco Umbrella Rank: 90592	22 KB
8	outbrain.com odb.outbrain.com — Cisco Umbrella Rank: 3605 widgets.outbrain.com — Cisco Umbrella Rank: 1799 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6774	36 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	71 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	221 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 226834	139 KB
4	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2527 log.outbrainimg.com — Cisco Umbrella Rank: 2670	46 KB
4	pocpoc.io adsystem.pocpoc.io — Cisco Umbrella Rank: 50252 px.pocpoc.io — Cisco Umbrella Rank: 50585	2 KB
4	vcmdiawe.com galleryn1.vcmdiawe.com — Cisco Umbrella Rank: 30769 galleryn3.vcmdiawe.com — Cisco Umbrella Rank: 32320 galleryn2.vcmdiawe.com — Cisco Umbrella Rank: 33007	129 KB
4	awepsljan.com pt-static4.awepsljan.com pt-static2.awepsljan.com pt-static3.awepsljan.com	122 KB
4	ibb.co ibb.co — Cisco Umbrella Rank: 11246 i.ibb.co — Cisco Umbrella Rank: 11551	2 MB
3	protoawe.com pt.protoawe.com	9 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 454	7 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	35 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1101 r4---sn-5go7ynld.googlevideo.com	945 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	158 KB
2	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 126900 c.usefulcontentsites.com — Cisco Umbrella Rank: 57978	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	127 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1536	417 B
1	gstatic.com fonts.gstatic.com	48 KB
105	25

	Domain	Requested by
10	px.vliplatform.com
8	assets.vlitag.com	services.vlitag.com
6	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net
5	simgbb.com	ibb.co simgbb.com
4	widgets.outbrain.com	ibb.co
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	services.vlitag.com	ibb.co services.vlitag.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	pt.protoawe.com	ibb.co
3	i.ibb.co	ibb.co services.vlitag.com
2	log.outbrainimg.com
2	mcdp-nydc1.outbrain.com
2	images.outbrainimg.com	ibb.co static.vliplatform.com
2	odb.outbrain.com	static.vliplatform.com
2	static.vliplatform.com	dsp.vlitag.com
2	px.pocpoc.io	ibb.co
2	adsystem.pocpoc.io	dsp.vlitag.com
2	dsp.vlitag.com	services.vlitag.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	cdn.jsdelivr.net	assets.vlitag.com securepubads.g.doubleclick.net
2	galleryn3.vcmdiawe.com	pt.protoawe.com
2	www.googletagmanager.com	pt.protoawe.com www.googletagmanager.com
2	pt-static4.awepsljan.com	pt.protoawe.com
1	www.google.com	tpc.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	r4---sn-5go7ynld.googlevideo.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	imasdk.googleapis.com	services.vlitag.com
1	c.usefulcontentsites.com
1	www.google-analytics.com	www.googletagmanager.com
1	galleryn2.vcmdiawe.com	pt.protoawe.com
1	galleryn1.vcmdiawe.com	pt.protoawe.com
1	pt-static3.awepsljan.com	pt.protoawe.com
1	pt-static2.awepsljan.com	pt.protoawe.com
1	cm.mgid.com	cdn.usefulcontentsites.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.usefulcontentsites.com	ibb.co
1	fonts.googleapis.com	ibb.co
1	ibb.co
105	46

This site contains links to these domains. Also see Links.

Domain
undefined
imgbb.com
api.imgbb.com
i.ibb.co

Subject Issuer	Validity	Valid
ibb.co R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-10-10` - `2024-01-08`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-09-28` - `2023-12-27`	3 months	crt.sh
pt.aweproto.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
pt-static1.awepsljan.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.vcmdiawe.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
pocpoc.io GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.outbrain.com R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ibb.co/LY114nH
Frame ID: 0DD305ECD6E406F78657EB627C5CFE53
Requests: 61 HTTP requests in this frame

Frame: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Frame ID: F9FCA787AF797A9CD6DFE66C9CE1D2EF
Requests: 13 HTTP requests in this frame

Frame: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CE6AC30FBD0E954C57EEA1FFD953DDF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
Frame ID: 66B01325B59ECC7671054AE829C3B131
Requests: 2 HTTP requests in this frame

Frame: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E9E35C733EB35BA0C527A87BCDF6BFD
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: 988F1754D288E14FE375DEE343510C11
Requests: 7 HTTP requests in this frame

Frame: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2DD874856A5C1202064AF9821F83F67D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87A6BF497A81CB443FF7A98AA1B635A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 555FA66975976BA188517E5BE11D6E96
Requests: 2 HTTP requests in this frame

Frame: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E56E6E59366D083BE698B2D99EA80104
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: B1694859BC81F150AA67E701854A655B
Requests: 7 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: C66094ED1C0DEC16FAD01CBD3137E809
Requests: 3 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyNGJhYzBmMDA4OGNhZWY3ODBhZTQyZTA3MmNjNDViMDNhMTg1OTY5NTkwZWI2ZDhhNTkzNDIwY2IyNTlkMGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Frame ID: A001FDCF924962C364C665442DEB277F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Screenshot-20231122-195858-Instagram hosted at ImgBB — ImgBB

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

105
Requests

96 %
HTTPS

0 %
IPv6

25
Domains

46
Subdomains

36
IPs

6
Countries

4183 kB
Transfer

7704 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=ibb.co
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://imgbb.com/

Search URL Search Domain Scan URL

URL: https://imgbb.com/plugin
Title: Plugin

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://imgbb.com/tos
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://imgbb.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://imgbb.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://imgbb.com/upload
Title: Upload

Search URL Search Domain Scan URL

URL: https://imgbb.com/login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://i.ibb.co/jbDD7gs/Screenshot-20231122-195858-Instagram.jpg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=UWF9f7pwQC1MkPZsXDEBxM3UruWTsA4QrBr4XJGbSg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=THEs87MUpOvfmT0z73yJlpIP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1700711379&fvip=3&fexp=24007246&c=WEB&txp=6219224&n=rFYUDUvk3sn2GRarEF&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgZKOaAAlSx24g3GGCmmnNc32WYcq3qNguXBztGq5U3f8CIQCwATHP_wzSwETaxw7V_ynbymwhh6A7oQWlvulv3zXRuA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AM8Gb2swRAIgR7xp6udWngxUexLBjkx4_NmMhP9MUumg5oHrDtyW6mUCIGavUbJVbvTa_Dup3RdDZjW5-4d1px55m-NeatW5PPIU HTTP 302
https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requiressl=yes&spc=UWF9f7pwQC1MkPZsXDEBxM3UruWTsA4QrBr4XJGbSg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=THEs87MUpOvfmT0z73yJlpIP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=rFYUDUvk3sn2GRarEF&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgZKOaAAlSx24g3GGCmmnNc32WYcq3qNguXBztGq5U3f8CIQCwATHP_wzSwETaxw7V_ynbymwhh6A7oQWlvulv3zXRuA%3D%3D&cms_redirect=yes&mh=d6&mip=185.147.213.188&mm=31&mn=sn-5go7ynld&ms=au&mt=1700715436&mv=m&mvi=4&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJYvpDz8i5-NxoWfKYO_OvR80vbvKdBu8CsjadMGkqh_AiB7-EvXHuYvAFcyqMUBCzBa4RNiiTpTIJFEkLZAfgwUTA%3D%3D

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request LY114nH Show response
ibb.co/ 21 KB
6 KB 605ms
327ms Document
text/html 213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/LY114nH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

b741f4d0ad14fbb859f5654ad9239fee977c48a560349178c9712d411e1c70c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 05:04:42 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 184ms
64ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/LY114nH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 04:25:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 05:04:43 GMT

GET
H2 200 ibb.css
simgbb.com/2801/ 115 KB
26 KB 179ms
60ms Stylesheet
text/css 172.67.131.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4286
etag: W/"63db96ac-1cd5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2QKBOVLTSOsFXA%2FfedPCAUb2m5vSmD9JAQf%2B7eulhKGtNk6jNEt3j1nH8L7BYFM%2FKUt0enOnDg0Ianr8xlKbpnJU590LcmHY3I9Rhs2J%2By5%2B6VS%2FQHxA933XYIo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82a6df7cb9c26706-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js Show response
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 177ms
61ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-id: am3-hw-edge-gc74
date: Thu, 23 Nov 2023 05:04:43 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NWTZHFT3D7X3DQCQ
age: 697
x-cached-since: 2023-11-09T02:37:18+00:00
x-id-fe: am3-hw-edge-gc74
alt-svc: h3=":443"; ma=86400
x-amz-id-2: OvmEjG9Ug0Hax+ctPGY80g34gFlmXdGSmB3V6TJtNEMTnzKHWOibESQs8gIo7mF/nlmPPIPtc1w=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kagkDNvx5p1CZUENiMp9kGbC208%2BWerU1FmPVd5rpcR1BIuQ2UHxfsr0zkfUUHFpJfYop3FSTiRB0bDY4mdxULf%2FghUlDq5oXrOJbPJpQp0cLeC2HzC0H7AKi71SNvLzypWEwlt6PBiawC6HbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: STALE
cf-ray: 82a6df7ddf07b97a-AMS

GET
H2 200 / Show response
services.vlitag.com/adv1/ 578 KB
148 KB 121ms
50ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95472ae7e5c43b4b628b85d8edcfa2259a2ec1b40570dd08952337f31a198e13

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 703
cf-polished: origSize=591583
etag: W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-11-22T04:43:25 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df7d8f520a43-ARN
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 59ms
57ms Image
image/png 172.67.131.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6488
etag: "63db96ac-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1y51p8bT0UxWk3THTGAoZ91cYmbpCyDZ9yYrnlnO090KAIhGiesakoMCEc4aUbvK6aGEBYhunP1jFcw%2BhNskXuxiRzGYk8VEor1DFRQLpXqO%2F5bfINLn4PbMzWb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a6df7d29ff6706-AMS
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 Screenshot-20231122-195858-Instagram.jpg
i.ibb.co/q7ppbkV/ 100 KB
100 KB 205ms
63ms Image
image/jpeg 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/q7ppbkV/Screenshot-20231122-195858-Instagram.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 7875286b55ea460e378e7a7f0614c9e0e57f595de9667852e0b7617e1a0f1df5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
last-modified: Thu, 23 Nov 2023 03:59:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 102123
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script Show response
pt.protoawe.com/cifra/ 2 KB
2 KB 179ms
55ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:32 GMT
cache-control: no-cache
x-ud-id: nHdG3/OOH
server: unknown
x-cache-status: R-HIT
content-type: application/javascript

GET
H2 200 jquery2.js Show response
simgbb.com/2801/ 114 KB
41 KB 60ms
60ms Script
application/javascript 172.67.131.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/jquery2.js
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3753
etag: W/"63db96ac-1c65d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FCv3SpafEJw9%2FiXKkqiHVMYc68XD1yPCkDZNU2jCTIDO7nXs4exNRdXKoZxZNKKpd1oZ%2BgJVGasLLo%2BUb4y%2FlP34ZIBOAIGkIvutjH0ZkLE9DFZFQ8F0cV%2BNXC9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82a6df7d2a006706-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/2801/ 215 KB
62 KB 64ms
63ms Script
application/javascript 172.67.131.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.js
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 17:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 987
etag: W/"64c93db0-35a95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAER2t5zQSoFvi1DjckT8rEVjdWNLZkKT68B7xz26xwFm367w16%2F6Aw2KWagCEaRlA4utDcc0cw%2B4LqUmOMHFCugaHT%2BCXKqy3XRjlfZfeLNZHfzozkDjdVNbgS7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82a6df7d2a016706-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 cifra Show response
pt.protoawe.com/ Frame F9FC 27 KB
7 KB 272ms
149ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: dff68aad39e6bf97d964f0763b13d6ce7cc83082d84f193f12c5bbbc07a7c907

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: max-age=300, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 05:04:43 GMT
server: unknown
vary: Accept-Encoding
x-cache-status: R-MISS
x-ud-id: PZLSK/VhG

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 166ms
58ms Font
font/woff2 172.67.131.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/2801/ibb.css
Origin: https://ibb.co
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5329
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
server: cloudflare
etag: "63db96ac-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rO42DBlElPWpBn29Vo3AS0SNAY41gM%2F5Gq6kUCR4Mo9YxMdiODhBP8SnqjyYFH%2BnGerjo5lOtnt5RV%2FCiqpImf3Dzlwhv3wH0KLHfB%2FC69hwMQWVxaWCacrHGMA7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a6df7dd879664b-AMS

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 180ms
57ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ibb.co
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 484515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 14:29:28 GMT

GET
H2 200 Screenshot-20231122-195858-Instagram.jpg
i.ibb.co/jbDD7gs/ 879 KB
880 KB 62ms
61ms Image
image/jpeg 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jbDD7gs/Screenshot-20231122-195858-Instagram.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 2ecfd44706303034daf63e843a560bca259d1ef51f26b1aeadf8c448619e53e0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
last-modified: Thu, 23 Nov 2023 03:59:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 899739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 0
417 B 127ms
60ms Script
application/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/js-cookie-muidn

Requested by

Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 05:04:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82a6df7e98539933-ARN
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/cli/ 42 B
358 B 665ms
604ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190a895ec4e79f036f87ad9b39009f8a0307acb9e61c31555b3f42279b99882b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 05:04:43 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df7eaa625f0e-ARN
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 di.min-v903332.js Show response
pt-static4.awepsljan.com/npe/_common/script/incognito/ Frame F9FC 3 KB
2 KB 109ms
32ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static4.awepsljan.com/npe/_common/script/incognito/di.min-v903332.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cdn-node: sesto
date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 08:21:17 GMT
server: unknown
etag: W/"655db9fd-d47"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 advertisement-v903332.js Show response
pt-static2.awepsljan.com/npe/_common/script/adblock/ Frame F9FC 21 B
278 B 101ms
27ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static2.awepsljan.com/npe/_common/script/adblock/advertisement-v903332.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cdn-node: sesto
date: Thu, 23 Nov 2023 05:04:43 GMT
last-modified: Wed, 22 Nov 2023 08:21:17 GMT
server: unknown
etag: "655db9fd-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 cifra-v903332.css
pt-static4.awepsljan.com/npe/cifra/styles/ Frame F9FC 18 KB
4 KB 105ms
28ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static4.awepsljan.com/npe/cifra/styles/cifra-v903332.css
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: be0b980bcf443bd5f3cd143844756418dea36a7d3083f76fe3932890f5955740

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cdn-node: sesto
date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 08:21:18 GMT
server: unknown
etag: W/"655db9fe-4645"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 cifrafk-v903332.js Show response
pt-static3.awepsljan.com/npe/cifra/script/ Frame F9FC 324 KB
116 KB 102ms
28ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.awepsljan.com/npe/cifra/script/cifrafk-v903332.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cdn-node: sesto
date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 08:21:18 GMT
server: unknown
etag: W/"655db9fe-50e9f"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F9FC 229 KB
77 KB 175ms
61ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c4ed2b44dfcf6f8ab50c4b13dc0d3405d6320e31f6b064407e09d3769fc072f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78302
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 05:04:43 GMT

GET
H2 200 76faa8727c2dc649621f4f0e4c18428e_glamour_460x345.jpg
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame F9FC 22 KB
23 KB 117ms
54ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/76faa8727c2dc649621f4f0e4c18428e_glamour_460x345.jpg?cno=296c

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

ea41ce7e8fcd21b1460b4afd6bfc7a98e5268726af31a4fc275e65e2a7f62d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 23024
x-cdn-node: sesto
last-modified: Tue, 07 Nov 2023 01:36:39 GMT
server: unknown
etag: "8a20edbc66bec9dcbd71acfb7e9c0356"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 4055df9118bff3a167d3a9aa61b1dc79_glamour_460x345.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f14/ Frame F9FC 35 KB
35 KB 144ms
81ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f14/4055df9118bff3a167d3a9aa61b1dc79_glamour_460x345.jpg?cno=7f8f

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

e9cc059b999d6ae6df1afdae67e1128d5b6bc81ed011dc354861b259e06d76e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 35627
x-cdn-node: sesto
last-modified: Thu, 26 Oct 2023 20:05:33 GMT
server: unknown
etag: "d7bd9f3904807d02ffb5d4eb1fde47ad"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 125414bb8fe7a3fa7a11095dbf0c0506_glamour_460x345.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame F9FC 37 KB
37 KB 90ms
27ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f11/125414bb8fe7a3fa7a11095dbf0c0506_glamour_460x345.jpg?cno=1799

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

8a958c3cb5068317e97fddd28d331312c4a34fa1b25f99776c36ffeb3302819b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 37452
x-cdn-node: sesto
last-modified: Fri, 27 Oct 2023 22:50:33 GMT
server: unknown
etag: "28d2525c5bdd87e069c69efb6599f101"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 7af3d86503425111a3bd3a2f8461b1f4_glamour_460x345.jpg
galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame F9FC 34 KB
34 KB 112ms
54ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn2.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f17/7af3d86503425111a3bd3a2f8461b1f4_glamour_460x345.jpg?cno=b4ca

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

81e5e4b6c715a3d96da514af5e1e3de52fc2a4a1b1b1f0ce54abe791d8e98f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 34788
x-cdn-node: sesto
last-modified: Sun, 26 Mar 2023 05:10:12 GMT
server: unknown
etag: "4b1729209869a08aacd17fd39a373f39"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Thu, 07 Dec 2023 05:04:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F9FC 52 KB
21 KB 177ms
54ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 03:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4505
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 05:49:38 GMT

GET
H2 200 push-event-counter
c.usefulcontentsites.com/ 43 B
446 B 291ms
281ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid: 8ee2e76a-f899-4861-9178-142f3d2d9d48
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEaeTJcStvaTMc7JNm%2FKayBJCwYCUEg4AnOgIcyNQ5%2Fb7lnyxE7Ef2p9l1zMSG6jyhLAfiXLCY89cjVsKmSnekdsSW%2BiXpiEyeycLJd9ahxhJh2OSQySxWKCGRKCqOUCpHWZh1NTG4ZhgQQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://ibb.co
content-type: image/gif
cf-ray: 82a6df818904b97a-AMS
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F9FC 234 KB
81 KB 71ms
70ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

eab5ce81f487c1353a833ca5375a92215cd73db89609ce1d5ee198cd602dbfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 05:04:43 GMT

GET
H2 200 VUS.gif
pt.protoawe.com/19CK7/ Frame F9FC 43 B
296 B 54ms
54ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.protoawe.com/19CK7/VUS.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Thu, 23 Nov 2023 05:04:42 GMT

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1700715785/ 13 B
268 B 175ms
175ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1700715785/vl.json?page_url=https%3A%2F%2Fibb.co%2FLY114nH
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df827c185f0e-ARN
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/obj/1700715785/ 44 KB
5 KB 37ms
37ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1700715785/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=SE&hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7649c2ef4b499c01a1117a8adba8e35d993f3053e8eb0ae77447589fb433784

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 05:03:06 GMT
server: cloudflare
age: 97
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df827c1a5f0e-ARN
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 57ms
48ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 445780
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82a6df82c9a80a43-ARN
alt-svc: h3=":443"; ma=86400
expires: Sat, 11 Nov 2023 09:19:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 227ms
109ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

946d2750e91aa97d4f5d0363b09dc436fd2e7df097eeeb4d3f8baae7817f3e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31492
x-xss-protection: 0
server: cafe
etag: 227 / 19684 / 31079657 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 05:04:44 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 191ms
66ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Thu, 23 Nov 2023 05:04:44 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 49ms
40ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1981977
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82a6df82c9a90a43-ARN
alt-svc: h3=":443"; ma=86400
expires: Sat, 07 Oct 2023 10:59:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 197ms
63ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:07:56 GMT
content-encoding: gzip
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3409
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: uKTZJ86sH21zg-182cX8YKXZkDEZNWytC5jVUs8pzweOnG4U36Pr0w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 164ms
55ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
date: Wed, 22 Nov 2023 09:03:49 GMT
x-amz-cf-pop: FRA56-P6
age: 72375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: mMcsz4eP6ZtVh3UFQzm4WZEionj1hsWQDyhBoDoifuCZLKkLDt8opQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 56ms
55ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41255
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 17:37:09 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 176ms
55ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: e00bcedee317ad37acfd512166eb950fbc370e6f59668388e8bddf8b425d8334

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:35:40 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1744
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: vkavCXFYmxCHbwFmy0drqKTuine42XG2ZdXrNT8dDRwQjJ9eCIt1cA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 55ms
55ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 04:23:53 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 2450
x-cache: Hit from cloudfront
access-control-allow-origin: https://ibb.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Ah8r-93iBHaMZNXOLhpwg7jPA5WTdLtrCaPMfORTxOHNPddRW5aVoQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 93ms
34ms Fetch
application/json 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231123

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ibb.co/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3825
x-jsd-version: 1.0.1882
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1682-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A28hqU1ihYRVPQ7IohfbXf0tStivNTp4YsCdmyEYS3%2Bcff2EluQU7%2FiM5GhXgZuKq%2FCydv3ygB3QciWPz%2F%2FjI4Pkly0krLIavalPn3WQg%2BrMlUZrCZJf0Cl5G60YLLkZyKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82a6df855fae5f01-ARN

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 265ms
99ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FLY114nH&pid=io4PvAkw4l1F9&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: MQXXNYNS4KZ0PBTAY99V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xciC2OS048H90m6-Cvbq9yp9zZqHyf6zQWgK_hab5HauIsIWBstV9A==

GET
H2 200 tf-v1.jpeg
px.vliplatform.com/ 0
257 B 304ms
218ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMPZKrAZT-MwAY-PKMw-MtMe-aqKtrBTPAKwTRzyzNhqut_cotvRws0NA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjMvniH%2FYZ9qsmBROigrBVfZl%2FwS2yEEwfSZKvqix9860ukl7HnKgsGipJWSt8xeuY5vEn9xqlg6Fo5NouXGXrOUr5QkCs4J33mBDC0blZKoG01M7wod6xXI%2FxonKEqdwd4V9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae2fdf68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
257 B 319ms
234ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqqYyqetq-ZqUY-PBwt-qPZT-BUTUAPKrPrAMRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOtDknOcwWHbEVaPCMXCFXK%2BWtc02lwcujtYwEKoziH36QkOucLljfJNz%2F6jhoaiI7vPgJafX1%2FKRMxmBGoJlmT5pcA2oa3lDIkWBB7vkMChsOjTn3R%2FevVo9IkwhYlT01rijQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae33df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
260 B 306ms
221ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaKMqAMAe-PZBM-PYTT-MBta-tqABBAtTwKywRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzX3bkWa6hryayz8JbkNe%2BNxQ%2F6Ga6F%2ByhBgi%2F6wTbebQ4gZCozmNG1Pq4eEFKa1U9a9lbOwhErE%2F0RgeN8NMOspTOhWZB6iCL%2FrrMhx5xrR3SFYnPE20xuOVpJcGlkSgdq5vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae3adf68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 253ms
94ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FLY114nH&pid=io4PvAkw4l1F9&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 5P7WYJ3KN34GFWH7S6FT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: NuyfHkapoyaZwoR0GMdhippYsaE0mCZGps8qE_-x3HL4kmYpQ6n2nA==

GET
H2 200 Screenshot-20231122-195858-Instagram.jpg
i.ibb.co/jbDD7gs/ 879 KB
880 KB 60ms
59ms Image
image/jpeg 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jbDD7gs/Screenshot-20231122-195858-Instagram.jpg
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 2ecfd44706303034daf63e843a560bca259d1ef51f26b1aeadf8c448619e53e0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
last-modified: Thu, 23 Nov 2023 03:59:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 899739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
257 B 295ms
218ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKBwTqTYU-ZBwa-Ptqe-arMZ-MMAMZewwqPTqRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvKxPbh2mXL2g6Vt2PxP%2B8pAVg95apZUHesvootqYBpjfK0zLdKaflFpPHFtoXwCze173cjMxC2ZH3YpTDkRJe31aaxy%2Fn760K8b1ucDM2OElijrVvuslu%2BvMowCb5tG%2Fn1%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae39df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
457 B 245ms
93ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FLY114nH&pid=io4PvAkw4l1F9&cb=2&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: YX6YDQQH472FB8HWMM8H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Bem3D9FmOjaa63yP8l9BqJo_7HlFOgqZSotVN2bRzlj8FkFAOqFytw==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
256 B 293ms
221ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNtBAAeqPA-TYPy-PYrZ-qqeY-aqBZUwtraByqRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDszjGOjm1Gp0fC6Wyhlvkj8aD35rzm36k5F3S9G1VvZg4WV5um7GOhZh9uIOlehNE36uRC7GNSCBOEqBZ0qWwESGD80kjHG%2BoteYNuyJXCaSsHXOs2q7%2FTtRliKLiEsvYf5IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae38df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
257 B 290ms
219ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNtBMZrYKr-wMKA-PAyP-wPer-yBZMPeUZyMtARdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oAh9TNx2wLGNQSAcV%2BKpzKZY9gP0T5SuJlhT30Ukq1bzGBxN5kEktAmZrrXRlxodyLl8bH9zL%2Bi6ZG9yhl5FjRR0TVEPxn4Ta3GBMHizUOAwDbwfD7D9%2BF1MDAeqDrionWbGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae35df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 223ms
98ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FLY114nH&pid=io4PvAkw4l1F9&cb=3&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: ZCBHEPYVVX62V5HPVZQS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dTp0fuU80g0p-k9S5lO1ffary3KuUt-jpNHn9PDtFtEnMUxJQ5afvA==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 49ms
47ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 1041723
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b310a43-ARN
expires: Fri, 10 Nov 2023 20:08:44 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 37ms
35ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 1133524
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b330a43-ARN
expires: Sat, 04 Nov 2023 08:20:28 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 45ms
44ms Image
image/jpeg 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 1126856
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b340a43-ARN
expires: Wed, 01 Nov 2023 15:47:05 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 43ms
41ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 1307506
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b350a43-ARN
expires: Tue, 07 Nov 2023 19:58:05 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 40ms
39ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 159601
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b360a43-ARN
expires: Thu, 02 Nov 2023 12:03:01 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 43ms
41ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: HIT
age: 963323
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82a6df856b370a43-ARN
expires: Sat, 11 Nov 2023 13:09:07 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
514 B 213ms
212ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyUBaKBaU-waZq-Pqtq-wyMK-taKtMwPAyZaeRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXjIjV4PMIzePoJcSK2n625t9ap4u%2B%2BVmvag6OTj54GMuC3KM%2FMD2Pr96lMb2oTAX9cDnFOEXoRp3dyvKVy0ew9b4PCzSPyV9wLMdr5y8OJ9TWhg0YAZ%2F04iSUc8Ldy5kGsnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df85ae41df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

206

videoplayback
r4---sn-5go7ynld.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requiressl=...
https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requi...

395 KB
0

113ms
29ms

Media
video/mp4

74.125.111.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requiressl=yes&spc=UWF9f7pwQC1MkPZsXDEBxM3UruWTsA4QrBr4XJGbSg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=THEs87MUpOvfmT0z73yJlpIP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=rFYUDUvk3sn2GRarEF&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgZKOaAAlSx24g3GGCmmnNc32WYcq3qNguXBztGq5U3f8CIQCwATHP_wzSwETaxw7V_ynbymwhh6A7oQWlvulv3zXRuA%3D%3D&cms_redirect=yes&mh=d6&mip=185.147.213.188&mm=31&mn=sn-5go7ynld&ms=au&mt=1700715436&mv=m&mvi=4&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJYvpDz8i5-NxoWfKYO_OvR80vbvKdBu8CsjadMGkqh_AiB7-EvXHuYvAFcyqMUBCzBa4RNiiTpTIJFEkLZAfgwUTA%3D%3D

Protocol

Server

74.125.111.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn09s26-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 23 Nov 2023 05:04:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=18975
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Thu, 23 Nov 2023 05:04:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 05:04:44 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1700735159&ei=V9ReZYvdD_SKsfIPy5qDwAw&ip=184.164.141.146&id=o-ADcgPXaQwwj2ivsjgk1a9kGl6Ded55vuUBdGHb-9K5EQ&itag=18&source=youtube&requiressl=yes&spc=UWF9f7pwQC1MkPZsXDEBxM3UruWTsA4QrBr4XJGbSg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=THEs87MUpOvfmT0z73yJlpIP&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&txp=6219224&n=rFYUDUvk3sn2GRarEF&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIgZKOaAAlSx24g3GGCmmnNc32WYcq3qNguXBztGq5U3f8CIQCwATHP_wzSwETaxw7V_ynbymwhh6A7oQWlvulv3zXRuA%3D%3D&cms_redirect=yes&mh=d6&mip=185.147.213.188&mm=31&mn=sn-5go7ynld&ms=au&mt=1700715436&mv=m&mvi=4&pl=24&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJYvpDz8i5-NxoWfKYO_OvR80vbvKdBu8CsjadMGkqh_AiB7-EvXHuYvAFcyqMUBCzBa4RNiiTpTIJFEkLZAfgwUTA%3D%3D
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 73ms
40ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5868
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-bma1678-BMA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FVsffecfzqrVp0sN6X02K%2FGexATK%2BQJ1Dunl8oRL4Tz7krOx8GDKfDg4fWqtCf1kYHUcO1mWudS8bhhU3fqMFanugCFITKuFz%2BrCjfv9rZz4n%2BvtH1I9OoL0wEomPvqTlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82a6df873bec2e0b-ARN

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 156 KB
34 KB 110ms
40ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 08:19:05 GMT
server: cloudflare
x-amz-request-id: R93FA6T79DEQR87Q
age: 1244
etag: W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82a6df876a5e0a3c-ARN
x-amz-id-2: ITUzsy4lrCuwiS4D5Dx487CjNOD5LTHZRDRjoTvGt0GW79Vla7DxoK2aqqDs/oo3/hY/Kp0gcZ17kKD19w8ABA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 237ms
105ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 05:04:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 367ms
365ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248969355064982&correlator=226628797382925&eid=31079657%2C44807409%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700715884612&lmt=1700715884&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FLY114nH&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=518751392.1700715885&ga_sid=1700715885&ga_hid=607486922&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYweDD1L8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMHgw9S_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YweDD1L8xSABSAghk&dlt=1700715882840&idt=1562&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

63d745e9d01f4ebdf7cd7eb0561db0164a45b4a1497858e76aa8b79624a6eadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12881
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370651
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
257 B 231ms
226ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUUyyYMMw-ZwAZ-PZKt-aayZ-ZrYaTwqtZMUMRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9vl78qd2q%2FbVzMcbNH3hnYMIt7fPmvQhpKXrPARMCTIKa2zFAt83vbCCNQm7f3Sqj06i14nVDBBMplIZY0%2FGq42TtaCj%2F8z9hRBUzZNtxCAfBvKBIiJfT49i5bu%2Fm3sm3Xc1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8708bedf68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 202ms
74ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

61c1717be43c059119fabec7d2d724946eefd6823ac615a4214ebdace9197cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H2 200 container.html Show response
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CE6 6 KB
3 KB 237ms
62ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 05:04:44 GMT
expires: Fri, 22 Nov 2024 05:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
16 KB 358ms
358ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248969355064982&correlator=2791960773697189&eid=31079657%2C44807409%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700715884635&lmt=1700715884&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FLY114nH&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=518751392.1700715885&ga_sid=1700715885&ga_hid=607486922&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYweDD1L8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMHgw9S_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YweDD1L8xSABSAghk&dlt=1700715882840&idt=1562&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1588f28b24db6b8f402eef28454e05f34f947789806c5a65754fa9715c689e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16601
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
261 B 219ms
219ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqTyMaYqq-aPMA-Pqwr-ayaq-aaBKTPeqUUqyRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNItdGK%2Bz%2FDshZp%2BUMMqQDieWivJitvxC4oVHEsgSDDDdt5T53gb4ydSTd16RAUAlqcz7WNo7C%2FTS04B6INUXfPUTMJKg8n2owsRHiCVeQmPR%2BpWH6YZxIs7LiG%2BwPLlqURwdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8718e3df68-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
13 KB 55ms
55ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41248
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 17:37:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 353ms
352ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248969355064982&correlator=884778585040894&eid=31079657%2C44807409%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700715884759&lmt=1700715884&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fibb.co%2FLY114nH&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=518751392.1700715885&ga_sid=1700715885&ga_hid=607486922&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYmeHD1L8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGMHgw9S_MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YweDD1L8xSABSAghk&dlt=1700715882840&idt=1562&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e59891985779721048f0ed9fc2051027dcfe324a0a8dd9dc3ad63fb59f1072da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12880
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370633
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
521 B 211ms
211ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPTKZwTqA-YyPY-PaaM-wyKr-ZKwwKKPeTtwyRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:44 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gRqcwi5Oq1X59168Dxzh6oMkhHAUh1D3p62xavw%2FqxSEgfav3s635pGiqQtkgYwRvshQ2wlN4KSkNYDv8aCtKAh3MNZO4ounR4i%2F4HY%2Batn9pVO1lc2gNQU3GkKxDJdNgQLOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df87e83c4c8e-HEL
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
222 B 187ms
59ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ibb.co/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ibb.co
date: Thu, 23 Nov 2023 05:04:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 215ms
86ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 05:04:45 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 66B0 15 KB
6 KB 173ms
58ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 05:04:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 289891
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET container.html
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E9E 0
0

GET
H2 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame 988F 102 KB
26 KB 57ms
48ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 48
cf-polished: origSize=104022
etag: W/"2023-11-17T05:03:23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df89fd790a43-ARN
alt-svc: h3=":443"; ma=86400

GET container.html
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2DD8 0
0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 66B0 422 B
554 B 54ms
54ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90c59c1e7bd0faa14fd9152b9d0ae93505a76498ab6d3f73bae5f123290a7d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 05:04:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1193683
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87A6 13 KB
5 KB 56ms
54ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 62622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 11:41:03 GMT
expires: Thu, 21 Nov 2024 11:41:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 555F 829 B
1 KB 189ms
64ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

3e6e53d2343307876944422e504dca5962c6d1c0d3a028ca2ef3a7b6d9f8f1e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jx_xncKL0Hn5wQdTdDV3wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jx_xncKL0Hn5wQdTdDV3wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 05:04:45 GMT
expires: Thu, 23 Nov 2023 05:04:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET container.html
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E56E 0
0

GET
H3 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame B169 102 KB
26 KB 39ms
39ms Script
application/javascript 172.67.21.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.21.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 48
cf-polished: origSize=104022
etag: W/"2023-11-17T05:03:23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8a3ab25f01-ARN
alt-svc: h3=":443"; ma=86400

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame 988F 2 B
575 B 296ms
174ms XHR
application/json 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-94532&sz=1&asz=300x250&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXbzg1cc2%2BEGn0Y29pf50jyaRIbx%2Bpkr8IT9C3s%2Brotui8UxYe3n7%2FYTmdwOwbuJdY0nkjBayYwcTSpJ1OXWkvf5bnEaDcEgjWfeePJgB3afH3ZUOBo3lgPNi49HAGNgJ0vwvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8b29b1b96c-AMS
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame 988F 0
247 B 306ms
176ms Image
image/jpeg 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNtqTYPYMw-PPUy-Paar-waTr-AqPqKZTrYeYPRrdNowwGegRzorNcsoT-aPZBYRleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk0tmorVNXq82RemU5n9MGgLPv4MFm7MZ8tjpTTEH2RjF45KZtr3YO84vxKP3p8rL3pttNL2%2F8aSEVhn60%2Bsr8jn65soTPqhNijotGm6ONlMyhbmFYepkrAslefy6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8b38c46654-AMS
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 87A6 39 KB
15 KB 176ms
58ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 16:20:57 GMT

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame B169 2 B
275 B 325ms
284ms XHR
application/json 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-111430&sz=1&asz=970x90&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9tl4DSlSDjBu47rXqiO99AvwMcPhIEK6X7ah9zUbnJ9X2RsUj9InOxUEAx8cz9NbQGLO4JmrVgLQkQBfbNj0TDwmOrhEnmtwsJyggQsBQ%2FRzfgcJyruxagak4nva11yA6EaWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8b29b2b96c-AMS
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame B169 0
514 B 225ms
175ms Image
image/jpeg 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNPBBtrAtP-UyeT-PUMU-MwBe-ePayKrqMTqAKRrdNowwGegRzorNcsoT-TTTPBARleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 05:04:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooTaq4z3qacfzwyT%2FnQCJrbSsVif5AL4r0fy25Eh%2B8Nwh2%2FX6Il1G56vt85SuouO8SC7Ee358PUzElKXCXWAXasTqUeKkB%2Bm%2FbTEAIQ%2FmZ%2BvO2VyN%2FGRu0I5jGW1Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82a6df8b38c66654-AMS
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 555F 0
0 92ms
91ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2248969355064982&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 87A6 0
10 B 54ms
54ms Image
text/plain 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KtGHRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame 988F 36 KB
9 KB 62ms
53ms Script
application/javascript 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19694
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 09:53:08 GMT
server: cloudflare
etag: W/"65573804-8ec5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glqFdjv5YPQEqbV5fjIs5npb463ONJLp2GzbrJKjR8lWNXXio9PhUyWd9e5wRhENKE7L0a6814q%2F4J2Jhk4dS8sdZc4hums%2BUixv%2B1G8ugkRUnvnfjSO2lPBPFsRvZ6lZC9xVR4wKF8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 82a6df8c4a75df68-HEL
expires: Thu, 23 Nov 2023 00:06:31 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 988F 4 KB
3 KB 304ms
188ms XHR
application/json 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fibb.co%2FLY114nH&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-94532
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37156b190c41796d5c63f4660b6626ae143c17095c68471669beb9c21df6af4d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: 3678f1ca4bc066912f802da73a5e4b7f
content-length: 2682
x-served-by: cache-lga21922-LGA, cache-fra-eddf8230050-FRA
x-timer: S1700715886.669075,VS0,VE137
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame B169 36 KB
9 KB 46ms
46ms Script
application/javascript 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19694
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 09:53:08 GMT
server: cloudflare
etag: W/"65573804-8ec5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNzC67Axj9QGSk1Ayf3W1lxjDtay6ZxdOWhgptyGlLEKkVo3JPJxdynpOi5sHIZu%2BXwXYt8tvAIfTqXMWyKaNS%2FxS1vHNUOhswvSVDB%2B%2BvoYiRSTbI3hl5sGuPdsLT%2F7gpFLSmN09Kk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 82a6df8cd8e34c8e-HEL
expires: Thu, 23 Nov 2023 00:06:31 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame B169 4 KB
3 KB 218ms
186ms XHR
application/json 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fibb.co%2FLY114nH&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-111430
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74d0373a85892e057313ab43c70ef0d42dbdc3168d1069f989b2f68ab7bf82de

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 23 Nov 2023 05:04:45 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: 41c3f30ea1f730209b875a0696ad3cd2
content-length: 2685
x-served-by: cache-lga21964-LGA, cache-fra-eddf8230050-FRA
x-timer: S1700715886.669164,VS0,VE134
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame C660 13 KB
14 KB 162ms
49ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:04:45 GMT
date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame C660 990 B
1 KB 161ms
48ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:04:45 GMT
date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6IjkyNGJhYzBmMDA4OGNhZWY3ODBhZTQyZTA3MmNjNDViMDNhMTg1OTY5NTkwZWI2ZDhhNTkzNDIwY2IyNTlkMGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame C660 23 KB
23 KB 163ms
49ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyNGJhYzBmMDA4OGNhZWY3ODBhZTQyZTA3MmNjNDViMDNhMTg1OTY5NTkwZWI2ZDhhNTkzNDIwY2IyNTlkMGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 486c6aa9e89c29337b94693a3c2037192f68108251d930f30a4fd062e108b779

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Fri, 17 Nov 2023 09:40:33 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2008370
access-control-allow-credentials: false
x-traceid: e7250c541f7db38217d11fd15ceafcbd
timing-allow-origin: *, *
content-length: 23116

GET
H2 200 eyJpdSI6IjkyNGJhYzBmMDA4OGNhZWY3ODBhZTQyZTA3MmNjNDViMDNhMTg1OTY5NTkwZWI2ZDhhNTkzNDIwY2IyNTlkMGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame A001 23 KB
23 KB 202ms
98ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyNGJhYzBmMDA4OGNhZWY3ODBhZTQyZTA3MmNjNDViMDNhMTg1OTY5NTkwZWI2ZDhhNTkzNDIwY2IyNTlkMGYiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.06
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 486c6aa9e89c29337b94693a3c2037192f68108251d930f30a4fd062e108b779

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Fri, 17 Nov 2023 09:40:33 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2008370
access-control-allow-credentials: false
x-traceid: e7250c541f7db38217d11fd15ceafcbd
timing-allow-origin: *, *
content-length: 23116

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame A001 13 KB
14 KB 191ms
89ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:04:45 GMT
date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame A001 990 B
1 KB 202ms
100ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/LY114nH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 05:04:45 GMT
date: Thu, 23 Nov 2023 05:04:45 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame B169 2 B
278 B 531ms
129ms Image
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=67b3c1727494a3497a8c970826194218_198067_1700715885754
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 05:04:46 GMT
content-encoding: br
X-TraceId: afdb76df401b52d884ccb933dc601cf4
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame B169 4 B
325 B 538ms
127ms Image
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=67b3c1727494a3497a8c970826194218&position=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Nov 2023 05:04:46 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 288ef9e043f1bfa8bf1a45a4272fd2f7
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame 988F 2 B
278 B 538ms
133ms Image
text/plain 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=02b472d8c8a1f9127d968a310a5cf126_198067_1700715885762
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 05:04:46 GMT
content-encoding: br
X-TraceId: 424f608f5e7a935037f0eb68a85417ad
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 988F 4 B
325 B 543ms
130ms Image
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=02b472d8c8a1f9127d968a310a5cf126&position=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Nov 2023 05:04:46 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4d4a212f7adea0cad501d2ba806d6dd7
Content-Length: 4
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2248969355064982&bg=!WlmlWRbNAAZxrfrxUa07ADQBe5WfOOuIYCutVLg4E7zCZPHjlpDaNI_KpW43T42VT1s6-OqCGmRrL2yWT2O_1dWdbugTAgAAAFNSAAAABGgBB5kCuEBGl7qTqqK1VBcJd3ercrzaux9GWeJIvfMnD0bxlHBeDlyP9HNoq1U5CFWi2VWvVvFNuIZfateB70TYbisQaUx7fkRwukseIpnXPsCCc0NeWPbLKYJ9xDXTyvRus6katI1ql5YwPbCgGeyOwcDxuQUgjWwIycfesmldGc7JVjFMCwRC4cM87SgJSim3VgXXQGf6nDQS32i_RGdH1n0odMjDzC-5YQtgPuv_nDQ9vaVpYrR0zVC8NMLhArTHf3vup-dDXKTcusLZ_AXcMKE7QfN6eJ3xntpU_15z9QSW-W6rLfFO6YaSdMYnNvGwFKEyT7ZznpOHGpc4SwJK3gfo4B20vaoO_k4Ykf-lqcTAbO9m3iETRKknx4NzaajYGPhdVNpBboBkCKyU26JHoLxwUnTLRC8ioB5biuewWPl5qc7TmHC-fPTy1VEHQWL8rqXl4jo4BbSDUej6MoRLS0KhVqWxI1NujSHLWMp_0383f_ga0v8oW3LXlRhHhy3ppkkv8mHXWV7gA5Us9wYLl7lqsiiIbfDd0bdltLZw_f-pv5bO148WwjWpih4X9FB5RGHEV0SIId2m5dqAs1yNJJczZrhCszI0En5_gXp2AUdZCNR5j6IFLZMb2UnJPytlJeQkZ5H9I2rnfGEMeo9tYaqhTq1p-E6naFgViLJEWt1TgNWhaXToPTJVoHEI0T702094ClrlpCoCwwVBbDaWnQeT0HW_2Bt2J82F-WIhBqLW7jIrfjhnCOx9obF02yy38XjE3ffaYPZyOBp3eCdjn91oAei8AIO0QfqCvTSBizX-faKM1EvRC4xXNq26QAUQppLMSu0hXvkYAfikv3OVdHxSstT1jgKrHhBAaaQRJpeuc1yiV8h-1YRGlGkYoCzzA3sVXJwhynnH90c9TG5yrUMke9JtiJIUUytvRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com
URL: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com
URL: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com
URL: https://e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.protoawe.com/	1970-01-20 17:08:27	Name: psui Value: 1e62e27e34e85fc2c55bb803e1cfcd50
.mgid.com/	1970-01-20 16:25:17	Name: __cf_bm Value: FUnIqiuL_4h_nuyjVFDSfIrv3HtONZEYILoYq0Uppnk-1700715883-0-Adq/LGdaH3koA8b1gCg+4S8sZoqkJkSlgqHzUkylLXpp22xD6BK/wlIaMLoENW+lKkhV3MWWYdbOVz4NWzlY9Xg=
ibb.co/	1970-01-20 17:51:39	Name: __ppIdCC Value: ivv_xo21799715883.3.
.ibb.co/	1970-01-20 17:05:35	Name: sharedid Value: d959606d-51eb-467b-9ea8-d060a4ae1ceb
.ibb.co/	1970-01-20 17:05:35	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.doubleclick.net/	1970-01-20 16:25:16	Name: test_cookie Value: CheckForPermission
.criteo.com/	1970-01-21 01:46:51	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 01:46:51	Name: uid Value: 9e36d19c-3985-4545-81a5-d5aacfea52eb
.ibb.co/	1970-01-21 01:46:51	Name: __gads Value: ID=0c590c7a50f9405f:T=1700715884:RT=1700715884:S=ALNI_MYIYC9WsQ3vd6Ab5XY51eMNmNJToQ
.ibb.co/	1970-01-21 01:46:51	Name: __gpi Value: UID=00000cd89ccf7570:T=1700715884:RT=1700715884:S=ALNI_MZ-GqCHLWg3D3CLvRv2qfiz9etdIg
.ibb.co/	1970-01-21 01:46:51	Name: cto_bundle Value: lsJzIF9IaEdGS2tiV0Y3aDNlJTJGaFdPOEV2cjB2V085TjJNTVJnUlRLOUczMW9qWDZYMEtUQzZWQzNDamtkMHZkdGtydlBScFFXWDlGS3ZEVEFRSFIxZWFjaWpNenR0NG9Uc0RLMm5FOWFQNjFCcEtadUNYOWFlNWVDQWs2RjJTWVgyWGEyWTFXJTJCWE5yVGQlMkZTZWIwVk93ZFdxVXclM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adsystem.pocpoc.io
assets.vlitag.com
c.amazon-adsystem.com
c.usefulcontentsites.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cm.mgid.com
config.aps.amazon-adsystem.com
dsp.vlitag.com
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
galleryn1.vcmdiawe.com
galleryn2.vcmdiawe.com
galleryn3.vcmdiawe.com
gum.criteo.com
i.ibb.co
ibb.co
id5-sync.com
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.vlitag.com
odb.outbrain.com
pagead2.googlesyndication.com
pt-static2.awepsljan.com
pt-static3.awepsljan.com
pt-static4.awepsljan.com
pt.protoawe.com
px.pocpoc.io
px.vliplatform.com
r4---sn-5go7ynld.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
static.criteo.net
static.vliplatform.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
e48f20662d88e6a1d5eab5575788a2ec.safeframe.googlesyndication.com
104.16.85.20
104.19.131.76
104.22.58.199
108.138.1.25
142.250.181.226
142.250.181.234
142.250.184.193
142.250.184.225
142.250.185.174
142.250.185.227
142.250.186.162
142.250.186.164
142.250.186.42
146.75.118.132
162.19.138.120
162.19.58.159
172.217.16.142
172.217.18.8
172.67.131.251
172.67.158.59
172.67.21.227
172.67.38.106
172.67.75.64
178.250.1.11
178.250.1.3
184.30.17.67
184.30.25.193
188.114.97.3
213.174.132.224
52.222.253.136
64.202.112.95
74.125.111.73
93.93.51.190
93.93.51.191
93.93.51.200
99.86.4.71
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
1588f28b24db6b8f402eef28454e05f34f947789806c5a65754fa9715c689e6f
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
190a895ec4e79f036f87ad9b39009f8a0307acb9e61c31555b3f42279b99882b
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
2dc37eeeb346edd7286ac5fbd4d78aed9c22129d81fce5b3c06ddc069d2cc08c
2ecfd44706303034daf63e843a560bca259d1ef51f26b1aeadf8c448619e53e0
37156b190c41796d5c63f4660b6626ae143c17095c68471669beb9c21df6af4d
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0
3e6e53d2343307876944422e504dca5962c6d1c0d3a028ca2ef3a7b6d9f8f1e8
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
486c6aa9e89c29337b94693a3c2037192f68108251d930f30a4fd062e108b779
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
61c1717be43c059119fabec7d2d724946eefd6823ac615a4214ebdace9197cd2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d745e9d01f4ebdf7cd7eb0561db0164a45b4a1497858e76aa8b79624a6eadd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74d0373a85892e057313ab43c70ef0d42dbdc3168d1069f989b2f68ab7bf82de
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7875286b55ea460e378e7a7f0614c9e0e57f595de9667852e0b7617e1a0f1df5
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
81e5e4b6c715a3d96da514af5e1e3de52fc2a4a1b1b1f0ce54abe791d8e98f23
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a958c3cb5068317e97fddd28d331312c4a34fa1b25f99776c36ffeb3302819b
8f1b8610e956324918230ac2715a40b0b09f6668dda455871f11924a15a53fa9
90c59c1e7bd0faa14fd9152b9d0ae93505a76498ab6d3f73bae5f123290a7d72
946d2750e91aa97d4f5d0363b09dc436fd2e7df097eeeb4d3f8baae7817f3e40
95472ae7e5c43b4b628b85d8edcfa2259a2ec1b40570dd08952337f31a198e13
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c
b741f4d0ad14fbb859f5654ad9239fee977c48a560349178c9712d411e1c70c1
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
be0b980bcf443bd5f3cd143844756418dea36a7d3083f76fe3932890f5955740
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c4ed2b44dfcf6f8ab50c4b13dc0d3405d6320e31f6b064407e09d3769fc072f1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff68aad39e6bf97d964f0763b13d6ce7cc83082d84f193f12c5bbbc07a7c907
e00bcedee317ad37acfd512166eb950fbc370e6f59668388e8bddf8b425d8334
e00cb88738adfce7ad329a09432c6bb494decc964b1b1c311c34d2f180e56b65
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59891985779721048f0ed9fc2051027dcfe324a0a8dd9dc3ad63fb59f1072da
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
e9cc059b999d6ae6df1afdae67e1128d5b6bc81ed011dc354861b259e06d76e3
ea41ce7e8fcd21b1460b4afd6bfc7a98e5268726af31a4fc275e65e2a7f62d86
eab5ce81f487c1353a833ca5375a92215cd73db89609ce1d5ee198cd602dbfee
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f7649c2ef4b499c01a1117a8adba8e35d993f3053e8eb0ae77447589fb433784
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

ibb.co Open in urlscan Pro 213.174.132.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

96 %HTTPS

0 %IPv6

25 Domains

46 Subdomains

36 IPs

6 Countries

4183 kBTransfer

7704 kBSize

11 Cookies

10 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

96 %
HTTPS

0 %
IPv6

25
Domains

46
Subdomains

36
IPs

6
Countries

4183 kB
Transfer

7704 kB
Size

11
Cookies

105 HTTP transactions
0 data transactions