ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ibb.co/mB1hCdH
Submission: On September 19 via manual (September 19th 2023, 11:54:05 pm UTC) from IT — Scanned from IT

Summary HTTP 134 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 27 domains to perform 134 HTTP transactions. The main IP is 213.174.132.224, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ibb.co. The Cisco Umbrella rank of the primary domain is 9946.
TLS certificate: Issued by R3 on August 10th 2023. Valid for: 3 months.

This is the only time ibb.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.174.132.224 213.174.132.224	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
5	104.21.4.104 104.21.4.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	104.22.58.199 104.22.58.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
3	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
3	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
2	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
1	104.19.131.76 104.19.131.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
1	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
1	18.238.243.122 18.238.243.122	16509 (AMAZON-02) (AMAZON-02)
3	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
13	172.67.158.59 172.67.158.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	172.217.133.202 172.217.133.202	15169 (GOOGLE) (GOOGLE)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
2	172.67.75.64 172.67.75.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
6	142.250.179.99 142.250.179.99	15169 (GOOGLE) (GOOGLE)
11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	64.233.166.157 64.233.166.157	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
2	172.217.133.233 172.217.133.233	15169 (GOOGLE) (GOOGLE)
1	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
134	41

1 213.174.132.224 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.202 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.4.104 (None, )

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.usefulcontentsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.22.58.199 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt.protoawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static5.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static1.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static2.awepsljan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.131.76 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn1.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn0.vcmdiawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-122.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.158.59 (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.133.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s67-in-f10.1e100.net

r5---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.75.64 (United States)

ASN13335 (CLOUDFLARENET, US)

adsystem.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.pocpoc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.179.99 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s20-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.46 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.133.233 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s68-in-f9.1e100.net

r4---sn-4g5edndr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 ade.googlesyndication.com — Cisco Umbrella Rank: 333	118 KB
14	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 37074 assets.vlitag.com — Cisco Umbrella Rank: 46483 media.vlitag.com — Cisco Umbrella Rank: 65109 dsp.vlitag.com — Cisco Umbrella Rank: 63584	1020 KB
13	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 31754 static.vliplatform.com — Cisco Umbrella Rank: 114589	13 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 bid.g.doubleclick.net — Cisco Umbrella Rank: 1063 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	245 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	79 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 404 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945 aax.amazon-adsystem.com — Cisco Umbrella Rank: 541	67 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 imasdk.googleapis.com — Cisco Umbrella Rank: 657	257 KB
5	simgbb.com simgbb.com — Cisco Umbrella Rank: 198301	139 KB
4	outbrain.com odb.outbrain.com — Cisco Umbrella Rank: 3344 widgets.outbrain.com — Cisco Umbrella Rank: 2157 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7469	18 KB
4	vcmdiawe.com galleryn1.vcmdiawe.com — Cisco Umbrella Rank: 18539 galleryn0.vcmdiawe.com — Cisco Umbrella Rank: 15400	111 KB
4	awepsljan.com pt-static5.awepsljan.com — Cisco Umbrella Rank: 826512 pt-static1.awepsljan.com pt-static2.awepsljan.com	122 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1461 r4---sn-4g5edndr.c.2mdn.net — Cisco Umbrella Rank: 593541	2 MB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	12 KB
3	protoawe.com pt.protoawe.com — Cisco Umbrella Rank: 694087	9 KB
3	ibb.co ibb.co — Cisco Umbrella Rank: 9946 i.ibb.co — Cisco Umbrella Rank: 10068	394 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 3162 log.outbrainimg.com — Cisco Umbrella Rank: 3100	11 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 640	6 KB
2	pocpoc.io adsystem.pocpoc.io — Cisco Umbrella Rank: 53775 px.pocpoc.io — Cisco Umbrella Rank: 56286	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	31 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 485 r5---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 197565	952 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	157 KB
2	usefulcontentsites.com cdn.usefulcontentsites.com — Cisco Umbrella Rank: 108742 c.usefulcontentsites.com — Cisco Umbrella Rank: 40558	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	57 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	14 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 2276	381 B
134	27

	Domain	Requested by
12	px.vliplatform.com	ibb.co
10	pagead2.googlesyndication.com	bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com tpc.googlesyndication.com ibb.co securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com ibb.co imasdk.googleapis.com tpc.googlesyndication.com securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
8	assets.vlitag.com	services.vlitag.com ibb.co
6	csi.gstatic.com	imasdk.googleapis.com
5	simgbb.com	ibb.co simgbb.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	services.vlitag.com	ibb.co services.vlitag.com
3	googleads.g.doubleclick.net
3	bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.jsdelivr.net	assets.vlitag.com securepubads.g.doubleclick.net ibb.co
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
3	imasdk.googleapis.com	services.vlitag.com bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	pt.protoawe.com	ibb.co
3	fonts.googleapis.com	ibb.co bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
2	widgets.outbrain.com	ibb.co
2	r4---sn-4g5edndr.c.2mdn.net	ibb.co
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	galleryn0.vcmdiawe.com	pt.protoawe.com
2	galleryn1.vcmdiawe.com	pt.protoawe.com
2	www.googletagmanager.com	pt.protoawe.com www.googletagmanager.com
2	pt-static1.awepsljan.com	pt.protoawe.com
2	i.ibb.co	ibb.co
1	www.google.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	c.usefulcontentsites.com
1	mcdp-nydc1.outbrain.com	ibb.co
1	log.outbrainimg.com	ibb.co
1	images.outbrainimg.com	ibb.co
1	odb.outbrain.com	static.vliplatform.com
1	static.vliplatform.com	dsp.vlitag.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	id5-sync.com	cdn.id5-sync.com
1	www.googletagservices.com	ibb.co
1	px.pocpoc.io	ibb.co
1	adsystem.pocpoc.io	dsp.vlitag.com
1	dsp.vlitag.com	services.vlitag.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	r5---sn-4g5edndk.googlevideo.com	ibb.co
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.google-analytics.com	www.googletagmanager.com
1	cm.mgid.com	cdn.usefulcontentsites.com
1	pt-static2.awepsljan.com	pt.protoawe.com
1	pt-static5.awepsljan.com	pt.protoawe.com
1	cdn.usefulcontentsites.com	ibb.co
1	ibb.co
134	53

This site contains links to these domains. Also see Links.

Domain
undefined
imgbb.com
api.imgbb.com
i.ibb.co

Subject Issuer	Validity	Valid
ibb.co R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
simgbb.com GTS CA 1P5	`2023-08-12` - `2023-11-10`	3 months	crt.sh
usefulcontentsites.com GTS CA 1P5	`2023-08-25` - `2023-11-23`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-07-31` - `2023-10-29`	3 months	crt.sh
pt.aweproto.com R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
pt-static1.awepsljan.com R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.vcmdiawe.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-02` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
pocpoc.io GTS CA 1P5	`2023-07-24` - `2023-10-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.outbrain.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-12` - `2023-11-21`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://ibb.co/mB1hCdH
Frame ID: 185BEDF702D93A1E0115FE0552418FF4
Requests: 62 HTTP requests in this frame

Frame: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Frame ID: 295A0633A88FF0E869E5CFDCE53CF26C
Requests: 13 HTTP requests in this frame

Frame: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7464119F23F96EF23C1F4A5C5DC162A0
Requests: 1 HTTP requests in this frame

Frame: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BAAD615C45CE84F66A6D87E189F05FA5
Requests: 3 HTTP requests in this frame

Frame: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F16B47786B561722FE2EF9ACD9A2694
Requests: 31 HTTP requests in this frame

Frame: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50671624070A9BFA4FA0A961A6083C15
Requests: 1 HTTP requests in this frame

Frame: https://dsp.vlitag.com/js/v1/adtag.js
Frame ID: 6EB5F83E7B176F006569309F0264CF75
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Frame ID: 326B1280BC00A274D78558F9C5C57E55
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
Frame ID: F23ED06773F0BC38617B67A8FF838F5A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0C9B261C3D036473718ABA4D774E4D45
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Frame ID: 82D95A127CBD607C813ABA40B3A481BC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5ECEEC2E9E588551170470E0EA951054
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E6B177332BF4364D84D26238E4985D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DSC02259 hosted at ImgBB — ImgBB

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

134
Requests

96 %
HTTPS

0 %
IPv6

27
Domains

53
Subdomains

41
IPs

6
Countries

5093 kB
Transfer

8986 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=ibb.co
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://imgbb.com/

Search URL Search Domain Scan URL

URL: https://imgbb.com/plugin
Title: Plugin

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://imgbb.com/tos
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://imgbb.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://imgbb.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://imgbb.com/upload
Title: Carica

Search URL Search Domain Scan URL

URL: https://imgbb.com/login
Title: Accedi

Search URL Search Domain Scan URL

URL: https://i.ibb.co/thkYMnb/DSC02259.jpg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-a5msenes&ms=au%2Crdu&mv=u&mvi=1&pl=19&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&mt=1695164317&fvip=3&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhANFtwrXuHuuoW9mfBVsoA0DOmdWKysXdn2n2rhGFRpOhAiEAnudbId7aRO_t7q4yq6McWb6N9u-qUYw_dmdvuN1T9II%3D HTTP 302
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=185.198.62.232&mm=31&mn=sn-4g5edndk&ms=au&mt=1695165683&mv=u&mvi=5&pl=23&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIsXa3-kwUhFuvZcEkv_MAhtQSDE-p2NTZfT95vjV_oMCIF7rIurvhTA8-pyjntuAxI4UW-sH6U7gOIheuWR5gE9l

Request Chain 97

https://gcdn.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1D980C3A746A72AFFA09E9D46B227E0E63619C16.B53873F246ECC2962AF3E57991CBF3E6C4890C20/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01FD199790E27731B1E831F3A5D25B217C916FFC.15D34C5E68B33EDA56F22EBE8BD1ACD8154E466B/key/cms1/cms_redirect/yes/mh/wl/mip/185.198.62.232/mm/42/mn/sn-4g5edndr/ms/onc/mt/1695166190/mv/u/mvi/4/pl/23/file/file.mp4

134 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mB1hCdH Show response
ibb.co/ 21 KB
6 KB 666ms
327ms Document
text/html 213.174.132.224
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

7db6d87048e8fbe8f4e217401c07e0f77c46251dda97cff99f943d2d47860793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 23:53:55 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: DENY DENY

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 503ms
71ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 23:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 23:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 23:53:56 GMT

GET
H2 200 ibb.css
simgbb.com/2801/ 115 KB
26 KB 524ms
60ms Stylesheet
text/css 104.21.4.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.css
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6212
etag: W/"63db96ac-1cd5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKbFihCNv9lR44KLt6V9v%2BI0%2F0WMk%2FWKafny4mXx%2BMpDcmwdIanwgmPGUUhXwDXYPgK%2BtCxwUn05QvJCh9GlJsZV8%2BFvDGwH2Cu%2FE8LOFF1oJwhJm0NhdKPR0GvA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8095c04009b8d3ec-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 subscribe.js Show response
cdn.usefulcontentsites.com/js/push/ 5 KB
2 KB 505ms
56ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-id: pa5-up-gc8
date: Tue, 19 Sep 2023 23:53:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TKG2YNDB1XZQFWJD
age: 3483
x-cached-since: 2022-12-20T08:53:39+00:00
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6gRGAmoH4EmrXfr/H/IRCNGPSUnCEe9ezUsSz7BGSsiuXdRtZyAzT5ggRAPkMr2jPZfhsDkyMLU=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDvB%2Fqpm%2Fvr8N8RiNTG14GEbwv8bmgRyuy4iclrMZoOq2lhjruPgtF0qJv0nGc8704jpXAr2z4tJidit1Ysz3pImok2YNF3q19W8O%2FfYRzuT%2BGrZKHTlVL47MrBhWdF8d%2FuP4JtIxz1krbWpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: STALE
cf-ray: 8095c0431e5602a5-CDG

GET
H2 200 / Show response
services.vlitag.com/adv1/ 574 KB
147 KB 479ms
55ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547cf2960a26f2a2014a4d946809c87ce80676e964d5e14c7b6b16a9a48e4625

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 752
cf-polished: origSize=587646
etag: W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-09-11T22:19:40 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c0435a104dbe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 62ms
60ms Image
image/png 104.21.4.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 954
etag: "63db96ac-3aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JF4X0MI3u72n%2BlzpwTlFd581cpRyk3uFSeRTL6axURQTRFOudAnE0Kf%2B%2B53ccEFxqgX9ChQ51Zft%2BrnPk2pSukkcrxXuuGcSeSAu83ZZwGClU9UBEyn78W3lF3iD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8095c040ea09d3ec-CDG
alt-svc: h3=":443"; ma=86400
content-length: 938

GET
H2 200 DSC02259.jpg
i.ibb.co/X4NFZ6z/ 83 KB
83 KB 272ms
73ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/X4NFZ6z/DSC02259.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: dfd7b958b33c9fc76bed347e011983d0cc624cadea794b2a1a5a580eb6d18a0d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
last-modified: Tue, 19 Sep 2023 23:47:06 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 85092
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script Show response
pt.protoawe.com/cifra/ 2 KB
2 KB 218ms
65ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:50 GMT
cache-control: no-cache
x-ud-id: lpbLv/pZ2
server: unknown
x-cache-status: R-HIT
content-type: application/javascript

GET
H2 200 jquery2.js Show response
simgbb.com/2801/ 114 KB
41 KB 62ms
61ms Script
application/javascript 104.21.4.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/jquery2.js
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2209
etag: W/"63db96ac-1c65d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3AdjYt6hc6hVvvS1Gb5yFmOygW%2ByS8%2FkjP%2Bh1tz%2B%2B%2BYu3Id8dsSxmOl5U%2F6y%2BuVLk0OWQTfLGZ%2F%2FwswG4xhoFh5lf7fmD5%2FyoOnf1ySqDEwL8mIZvb9AHdiPBm7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8095c040ea0ad3ec-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 ibb.js Show response
simgbb.com/2801/ 215 KB
62 KB 128ms
127ms Script
application/javascript 104.21.4.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/2801/ibb.js
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 17:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5824
etag: W/"64c93db0-35a95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVe9XPnl3tZ7JLZa%2FaOz08TPByh0F96w821%2BT2P0ArfEZchq58vqNAUvCzmKvizY8xHCTwyvPB7qISwPt6R2XfYiVxf7818CFdBGjUIaQv0tAdFIl1Q0CdQBccmX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8095c040ea0bd3ec-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 cifra Show response
pt.protoawe.com/ Frame 295A 27 KB
7 KB 298ms
146ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cc6fb3d4db65607a51860c2cbaa1834ce0389978de4676beca49073a9e68a785

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=300, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 23:53:56 GMT
server: unknown
vary: Accept-Encoding
x-cache-status: R-MISS
x-ud-id: vXe0G/TEO

GET
H2 200 imgbb.woff2
simgbb.com/fonts/ 8 KB
9 KB 492ms
53ms Font
font/woff2 104.21.4.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/fonts/imgbb.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/2801/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13

Request headers

Referer: https://simgbb.com/2801/ibb.css
Origin: https://ibb.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5818
alt-svc: h3=":443"; ma=86400
content-length: 8468
last-modified: Thu, 02 Feb 2023 10:55:40 GMT
server: cloudflare
etag: "63db96ac-2114"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY6ZK8Njs1yDNJXV%2B4qsgEsfDi9ypG5X1kSH7AxMlEzxhDlr%2BF2jDNmXa3qo%2Fv0I68tbHDh0GZ%2B2BMbkEddqR1d0WyP88qpv4Uc%2FekZM%2FB6PyEGgjnxnsoaEiW2W"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8095c043aaa44dba-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 479ms
37ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ibb.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 452258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:16:19 GMT

GET
H2 200 DSC02259.jpg
i.ibb.co/thkYMnb/ 304 KB
304 KB 97ms
74ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/thkYMnb/DSC02259.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 9c0708679bedd56e14a891b53514d2c6e9bc375a1edfc061a01da7cce5145c91

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:56 GMT
last-modified: Tue, 19 Sep 2023 23:47:06 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 311034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 di.min-v392658.js Show response
pt-static5.awepsljan.com/npe/_common/script/incognito/ Frame 295A 3 KB
2 KB 243ms
55ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.awepsljan.com/npe/_common/script/incognito/di.min-v392658.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-node: itmil
date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:37:23 GMT
server: unknown
etag: W/"650987f3-d47"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 advertisement-v392658.js Show response
pt-static1.awepsljan.com/npe/_common/script/adblock/ Frame 295A 21 B
276 B 197ms
60ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.awepsljan.com/npe/_common/script/adblock/advertisement-v392658.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-node: itmil
date: Tue, 19 Sep 2023 23:53:57 GMT
last-modified: Tue, 19 Sep 2023 11:37:23 GMT
server: unknown
etag: "650987f3-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 cifra-v392658.css
pt-static1.awepsljan.com/npe/cifra/styles/ Frame 295A 17 KB
4 KB 175ms
38ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.awepsljan.com/npe/cifra/styles/cifra-v392658.css
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 20cf474dea9c0f5240d01473977eeec6332beec6bcf12667c09745153435b1d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-node: itmil
date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:37:24 GMT
server: unknown
etag: W/"650987f4-43a3"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 cifrafk-v392658.js Show response
pt-static2.awepsljan.com/npe/cifra/script/ Frame 295A 323 KB
116 KB 164ms
45ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static2.awepsljan.com/npe/cifra/script/cifrafk-v392658.js
Requested by: Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-node: itmil
date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 11:37:24 GMT
server: unknown
etag: W/"650987f4-50a28"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 295A 225 KB
76 KB 490ms
67ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.protoawe.com
URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8a216b2f5c2b4c0e01b2d8cc8317389a20bf9876d0dbefaa5eed49849bac61cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77519
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 22:51:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 23:53:57 GMT

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 0
381 B 516ms
83ms Script
application/javascript 104.19.131.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/js-cookie-muidn
Requested by: Host: cdn.usefulcontentsites.com
URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:53:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8095c0463f7abb26-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/cli/ 42 B
344 B 575ms
173ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa178c4d46880590bcc3e79e8ba2fb51815827e8b5a39fa6701574c4415d51a7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:53:57 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c046dec2baf1-MXP
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 85b76828bc393223cb0d536491aaf8fc_glamour_460x345.jpg
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/ Frame 295A 58 KB
58 KB 200ms
74ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f18/85b76828bc393223cb0d536491aaf8fc_glamour_460x345.jpg?cno=85b6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

13b366f758c2bb9410d91a6b7bb1efa9db2b58a161e4c7517688006b1223a4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 59098
x-cdn-node: itmil
last-modified: Thu, 27 Jul 2023 05:16:48 GMT
server: unknown
etag: "ecfb4f946a272c7668475527adad692e"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 9b6fb6c4d9c435f919931c488c9813f9_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f19/ Frame 295A 17 KB
17 KB 176ms
64ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f19/9b6fb6c4d9c435f919931c488c9813f9_glamour_460x345.jpg?cno=229d

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

7e83f0635bfd39bd3b447740cc7fce4c830522e7d4cd40596b41411745c37980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 17415
x-cdn-node: itmil
last-modified: Mon, 18 Sep 2023 21:52:09 GMT
server: unknown
etag: "7600701ef3336f7f7035e0f72550bd49"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 54cffc51876e4af4cf52855b5f660c09_glamour_460x345.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/ Frame 295A 17 KB
17 KB 190ms
78ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f15/54cffc51876e4af4cf52855b5f660c09_glamour_460x345.jpg?cno=8956

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

6b43a661386c8afb1ecccdc626598b87976ffe17d5d703521451d2efc8d009b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 17438
x-cdn-node: itmil
last-modified: Tue, 19 Sep 2023 14:26:22 GMT
server: unknown
etag: "dd7ba591540e328021044b1d8abf0a8c"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 358496ff56c9c4247cd4baba0cefc40a_glamour_460x345.jpg
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 295A 18 KB
18 KB 250ms
124ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/358496ff56c9c4247cd4baba0cefc40a_glamour_460x345.jpg?cno=4b8a

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

e51f30eaa1b837471eb36f9a0e16ee9193253126cddc3a81f1298739f6111105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 18534
x-cdn-node: itmil
last-modified: Wed, 17 May 2023 17:26:30 GMT
server: unknown
etag: "8e9f81cbe4fe8af35c2f0e38b498334e"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
expires: Tue, 03 Oct 2023 23:53:57 GMT

GET
H2 200 vl.json Show response
services.vlitag.com/vld/1695163682/ 13 B
97 B 173ms
172ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1695163682/vl.json?page_url=https%3A%2F%2Fibb.co%2FmB1hCdH
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 23:48:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c047fef5baf1-MXP
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H2 200 8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response
services.vlitag.com/obj/1695163682/ 44 KB
5 KB 39ms
39ms XHR
application/json 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1695163682/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=IT&hn=https://ibb.co
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea20638db28636dd397c7d1e793bddb9b65bf3dea9fd6ddcb3ee208354a451aa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 22:49:21 GMT
server: cloudflare
age: 3563
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c047fef7baf1-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 295A 52 KB
21 KB 533ms
50ms Script
text/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 23:48:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 337
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Sep 2023 01:48:21 GMT

GET
H2 200 prebid-7.48.0.js Show response
assets.vlitag.com/prebid/default/ 561 KB
172 KB 81ms
64ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 08 May 2023 07:36:47 GMT
server: cloudflare
age: 1171475
cf-polished: origSize=575587
etag: W/"6458a68f-8c863"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 8095c0487d564dbe-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 593ms
125ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

fb895adcc4eece47885b10e10fe128aa1669db95ce26b04a04a19e20b103eb72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29424
x-xss-protection: 0
server: cafe
etag: 400 / 19619 / 31077994 / config-hash: 10560056370792808416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 23:53:58 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 359 KB
124 KB 510ms
68ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125909
x-xss-protection: 0
expires: Tue, 19 Sep 2023 23:53:58 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 63ms
47ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1171475
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 8095c0487d544dbe-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 212ms
75ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:37:51 GMT
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 19:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 967
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: yMXxlq4dTHXpmZEmAYSNqSGO0bTt5hbKjP9D466aggf0RcpPcn1dQg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 177ms
57ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
date: Tue, 19 Sep 2023 03:18:37 GMT
x-amz-cf-pop: AMS58-P4
age: 74172
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: CoTzjHVG2Zs_a757w2iOGf1h_JAs4SFrEeey12PfekdfTFUeiaUPjA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 295A 231 KB
81 KB 57ms
56ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7c3e967b49ebfb1e6b5ce829cfe418bbb1639e42e98341bbe3c9295593042886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 23:53:58 GMT

GET
H2 200 TEO.gif
pt.protoawe.com/vXe0G/ Frame 295A 43 B
297 B 55ms
54ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.protoawe.com/vXe0G/TEO.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=0
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Tue, 19 Sep 2023 23:53:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 409 KB
129 KB 38ms
38ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47852
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131891
x-xss-protection: 0
server: cafe
etag: 12284941131365068139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Sep 2024 10:36:26 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 258ms
81ms Script
application/javascript 18.238.243.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-122.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: b25b9a7c5e3db18c4ecee3cc7d3162cd8d9ecd91f17ec185d768de267e3ba3f6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:13:28 GMT
via: 1.1 941049c97e511f86acc1525badae21c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2430
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: c_MuW96AGKWxR0yzaPQmCbBmcCeaMlHU82XYlmU4haDcyWmVdLjf8Q==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 41ms
41ms XHR
text/plain 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:47:36 GMT
via: 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 7582
x-cache: Hit from cloudfront
access-control-allow-origin: https://ibb.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: v34E8DgFgEYTTJOtp1awfyTsUDp24j1sDechE9T9meM83L3uOCkHNg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 450ms
48ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230920

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.48.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ibb.co/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28390
x-jsd-version: 1.0.1818
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1654-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"63c-g7L8eUzQQd1oX2hmZmocfYLYIy8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FH6f2B0rqLnGiV8N%2FPjxKZCkhcC7KrTOcYc9cHTIIB1TbEHbXSfvqmbo95DHcPCb9BIgzY3a9JuQzNNPRBQUOmQnJv01R%2FQGM1Lr1JKFu3gZLJvyYCf9Z2xuswhssHaL9fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8095c04f3c6b4882-MXP

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
455 B 265ms
95ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FmB1hCdH&pid=QiZKjg99m7MAl&cb=0&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_22154111431_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A111431%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: T3PJVAR5Q04KJFZ3ZETJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qgsd4_gIPtrCHM-FtdetqykuYFcBm5qwclNyPfx-QZMgyazPutPSBQ==

GET
H2 200 tf-v1.jpeg
px.vliplatform.com/ 0
258 B 593ms
168ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZAqZUyUU-UTAt-PMea-qKyP-MKTYyTqAayTwRzyzNhqut_cotvRws0NA
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m6393YHpU55lHHw6Qx4BKHqNoy16LOBM5ousdnFg1EvqTvfHZaYfqrJ6odvA%2BSUeCU1mDs%2B22xyHfXhJ4WcuLTev4%2F313c%2BWhc%2FVYKTOBJ62xsu1cZE0cDEfuTXM7rmZfEqbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04f9ec54daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
513 B 592ms
167ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwwtUrBtA-PaKZ-Pwee-qtTK-UqKwTYTteTZURdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsVMxQ2b9fomx5PTz7YNV8EVGPwVPsngEz10EVlh1LlkP%2B2w8JCcHKTii6q%2FfnWxcG%2Buw1nol6jzgqenWhPbKb7lMqQrDbM4ZHg87mPJ2bIW4G48PnuV5JC45T3NUxTNYBY%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04f9ec64daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
267 B 616ms
191ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYaTMTraU-TUTT-PUUY-MZra-weMaeaqAtyyrRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be5gu%2FJW%2BgyVPc7rHO1hBBHF8uV2ZKN1YV6g%2FJ5%2BCnWwuOnII%2FfWfrL3%2B%2BNSL9ZFzwZaI2fDo6MO4CF4MpQzSLiV%2F4yNjOj4KAWIKHPmWj0oZQ5MybBSG4ng6zz0wkflDBe9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faeda4daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 258ms
99ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FmB1hCdH&pid=QiZKjg99m7MAl&cb=1&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111432%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111432%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: DX938GNMV4MKHX1ZQCRW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jlyfJdknKbF_o-_XEu4S8UO7FALcNGOBK87uEYFkapR-mEgmf-Co_g==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
257 B 583ms
168ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNArKMBYrU-KUaP-PYKB-aZUB-wyewBZTABPAPRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYWvozdauYXfuD9jeiKmLseks8FOza1XIG2DzwQNwFWxXtyPN%2Fw24r34L3GZZ28gfkcQCLTFYmo%2BE7GEKrc9Jbz2MiyNe%2B5DskOGY9crbH9ftvjYhp9PErcdMELWrFLfzCNZPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04f9ec74daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 252ms
97ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FmB1hCdH&pid=QiZKjg99m7MAl&cb=2&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_22154111430_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_22154111430_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A111430%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: CZEAPQD8X5JF7J9P851F
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: E01GYHq2DfIYfgL5MVjCfOgi-Dxb4W8oUgFbXQXT2mUS-SBQ-zMiTg==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
266 B 603ms
192ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAYUYTaMU-MrAB-Pqtt-ayta-YwYBerTaqeMKRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oVIGfFGh0QO45%2BOuM6X0Mcbdmp01%2BGBZ9zh6ilxRhoQw%2BWuN4AbrQR38v8XcO%2BX2VN6M76BHMJUtPhv%2F5lkMRnhDCCQCMH3Nanpav%2BVfGt%2BzZUi3TlX%2F1BHxbPqMaq%2BUfEqBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faedb4daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
259 B 601ms
190ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMAUKeZqA-eAPU-Pwre-qeBA-KeZtyqPayMqBRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fd%2Bc%2FqChJLS%2BBf4rfheADEg2MpnCLYxK5R2b8fS74LWsJEHqSUk2MYGGgXJ9nSkI4a5ce2V%2FuJ2BcHzDfmqDvyQ37B5SkHkJOWa0xH%2B6S9K3tdqXjrSKh874InB6M6raOQ9lGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faedc4daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
456 B 218ms
93ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fibb.co%2FmB1hCdH&pid=QiZKjg99m7MAl&cb=3&ws=1600x1200&v=23.829.1852&t=1500&slots=%5B%7B%22sd%22%3A%22vi_2215494532_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A94532%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C467%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b12f8dbad5c96c988a65bc3df19995d0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: CFRAH5GZD51492MDG29S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: NbZY1bbjJdA0R_yy27QmFoieMDE_HzdkMpFlbBcGoQO0t5qALWOLpA==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 105ms
103ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171471
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d390a4dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 105ms
103ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171469
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d390b4dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 43ms
42ms Image
image/jpeg 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171469
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d390c4dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 104ms
103ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171469
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d390d4dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 104ms
104ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171469
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d390f4dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 104ms
104ms Image
image/webp 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:58 GMT
cf-cache-status: HIT
age: 1171469
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 8095c04d39104dbe-FRA
expires: Wed, 06 Sep 2023 10:59:22 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
263 B 181ms
181ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqTwMerqe-MarY-Pyet-qUtY-BqeKeeKqtwKaRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K27dZkDWycJHDDmPjs%2BvMbwj%2FvDsG%2B%2Ff7acrtyN8CkBMf61w2e9oebc5aQ15%2Bvdhp4ifuUsbf1wMvhp%2F4yP%2BozM8TkP6GP6yRZz0EpvP1WspmHuus%2By%2FPPATH43y1KuOuvs8dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faedf4daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

206
Partial Content

videoplayback
r5---sn-4g5edndk.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C...
https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C...

384 KB
0

485ms
50ms

Media
video/mp4

172.217.133.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=185.198.62.232&mm=31&mn=sn-4g5edndk&ms=au&mt=1695165683&mv=u&mvi=5&pl=23&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIsXa3-kwUhFuvZcEkv_MAhtQSDE-p2NTZfT95vjV_oMCIF7rIurvhTA8-pyjntuAxI4UW-sH6U7gOIheuWR5gE9l

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

HTTP/1.1

Server

172.217.133.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s67-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 23:53:59 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Last-Modified: Sat, 03 Jun 2023 08:32:09 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-33307028/33307029
Cache-Control: private, max-age=18256
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 33307029
Expires: Tue, 19 Sep 2023 23:53:59 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:53:59 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edndk.googlevideo.com/videoplayback?expire=1695186195&ei=sygKZZaICqSzsfIPhuiT-AM&ip=184.164.141.146&id=o-AATAvzNeX5TcaTS1l_AZuo5vWCXP08jUNGndn-uz4Uk7&itag=136&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=UWF9f2Lty4t3bSqbK4H6nQSclmiTw00IEuURVCohmg&vprv=1&svpuc=1&mime=video%2Fmp4&ns=hNc338eU2WQqlQ9T6oNhmeEP&gir=yes&clen=33307029&dur=200.909&lmt=1685781129302686&keepalive=yes&fexp=24007246&c=WEB&txp=6216224&n=Eb9xZkv3Bn1BHv3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgSgncr5A5istbVZ51TZXXoT_Y432Rg6YqeNkhWvu4UOECIExeKHxFnpaL8U6XcD6y_m655sowgaaGOwf3xWGigQt-&cms_redirect=yes&mh=d6&mip=185.198.62.232&mm=31&mn=sn-4g5edndk&ms=au&mt=1695165683&mv=u&mvi=5&pl=23&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgIsXa3-kwUhFuvZcEkv_MAhtQSDE-p2NTZfT95vjV_oMCIF7rIurvhTA8-pyjntuAxI4UW-sH6U7gOIheuWR5gE9l
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 466ms
70ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19470
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=673PtrjfsM6%2BBqPU3zYsOzRH9rle96z%2F%2F6pZDjP%2FpMVYpDlw08YqfZKtCud9oMeLRqC67yXK1qu8JDOBKcNjiCIoy0cPlv5EPpX4KudbMZ1UPh1ID%2FHVpdFTX6vzBobqZA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8095c0518ece3757-MXP

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
31 KB 485ms
53ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 09:30:49 GMT
server: cloudflare
x-amz-request-id: VK2SRF16D02X5ZN2
age: 2084
etag: W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8095c051be834d8a-FRA
x-amz-id-2: W86YinNW2dsuZPfS+ZTkYpgh0FatBDvKhVeIE0/ciWbe7u4JzKj0+uiv//jSw9oMSxGGGz5knYw=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 510ms
77ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Sep 2023 23:53:59 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
27 KB 314ms
314ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=119937664302648&correlator=2983605728089525&eid=31077366%2C31077994%2C31077693%2C31077899&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli94532&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167638844&lmt=1695160438&adxs=985&adys=265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FmB1hCdH&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=2056875247.1695167639&ga_sid=1695167639&ga_hid=1561782154&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYuNr1_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLja9f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuNr1_qoxSABSAghk&dlt=1695167635994&idt=2632&prev_scp=vli_adslot%3D94532%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D94532%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=902507607&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

3fd9718577e933c7afc3721d8f700103505378b8533032b41780d0774c60103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26960
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
258 B 183ms
182ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPKrrtZKe-wYBZ-Pryr-MYtA-AeeUaMtBqwZPRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBAAbYZARrdzNuggustRwkjNTRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG0ZSEmy%2FQHyMST39VYTBfL7FAgzbC9N%2B19rk%2BDivX8Rgt8qMC3ZIEK7ZrzA5pNPdMuNry86UDYpIRsS2ZVZPJH3XJrd3XftbECaitTYjwyAakfGqJfPtGo80kSoEyng4Lsvrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faee04daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7464 6 KB
3 KB 476ms
40ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 23:53:59 GMT
expires: Wed, 18 Sep 2024 23:53:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
16 KB 244ms
243ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=119937664302648&correlator=3147751122322022&eid=31077366%2C31077994%2C31077693%2C31077899&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111431&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fsfs=1&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167638864&lmt=1695160438&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FmB1hCdH&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2056875247.1695167639&ga_sid=1695167639&ga_hid=1561782154&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYuNr1_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLja9f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuNr1_qoxSABSAghk&dlt=1695167635994&idt=2632&prev_scp=vli_adslot%3D111431%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D336%26hb_height%3D280%26vli_sf%3D1%26vli_slot%3Dvi_22154111431_banner%26pw_tagid%3D111431%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=988992857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

f2d2bb84ffb7a5e500ecfdf719af30927460bc16051cd1a1bc520eebc971d731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16099
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377370654
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
255 B 181ms
181ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqtqwwrAY-YaqA-PZUB-aYTU-BZKYeTUATAMYRdzNwqfftkRwlNqrb_TZYdtroqRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNTTTPBTRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqtCXAUBYf7Df9Rln2KoipbwPvxgSZ2GlpP5UV23iuaaiCpsxMvO4%2FZxBW%2FLf2qm58YbsFjujetgeTpf2ev%2FlmcehO7YWE87iSBMAVBHPqcOmAEoMJV3rMptNwfV3buUEBf8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faee14daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 38 KB
13 KB 37ms
36ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl_page_level_ads.js?cb=31077994

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47501
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13596
x-xss-protection: 0
server: cafe
etag: 6741345839911793024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Sep 2024 10:42:17 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 238ms
238ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=119937664302648&correlator=45403825778764&eid=31077366%2C31077994%2C31077693%2C31077899&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&iu_parts=21724377464%3A22155214454%2Cibb.co_vli111430&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695167638948&lmt=1695160438&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fibb.co%2FmB1hCdH&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2056875247.1695167639&ga_sid=1695167639&ga_hid=1561782154&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYuNr1_qoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLja9f6qMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuNr1_qoxSABSAghk&dlt=1695167635994&idt=2632&prev_scp=vli_adslot%3D111430%26vli_acc%3D152media%26vli_adtype%3Ddisplay%26hb_width%3D970%26hb_height%3D90%26pw_tagid%3D111430%26vli_sf%3D1%26pw_network%3Dtrue%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dibb.co&adks=3672933460&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

569fe0084160ae6cb43aad05cdad1b12c4a9b9f8b511e0549e2042cce9c2a96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12371
x-xss-protection: 0
google-lineitem-id: 5877303303
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377346455
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
255 B 189ms
189ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyUqBTwAM-PYZT-PYaA-aZPa-yyYrMUKetPPrRdzNwqfftkRwlNqrb_TZYdtroqRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNTTTPBARleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utceSNayoFq6X9VImszPbdg9gqH%2BuWyXQe4aKJ6uNcaMAU%2BosvvBYEALyqH85RtbltbaDgT7KbrzGntyJ6OYEHMbsQX2Q0NmHwHs4aC7yltcWjzOCm%2BG0zIVmxF37piZYaQpbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c04faede4daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BAAD 6 KB
3 KB 225ms
54ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 23:53:59 GMT
expires: Wed, 18 Sep 2024 23:53:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F16 6 KB
3 KB 145ms
52ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 23:53:59 GMT
expires: Wed, 18 Sep 2024 23:53:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
497 B 167ms
166ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPUPaBttY-TPwM-PBqK-wayZ-rraeaBaPMYwBRqxeNRwNqrb_TZYdtroqRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNaPZBYRleNplR_yszuNyqsltRedhNgyy
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=870U3%2FeAPvUSUt2QuRHAQwycmOw%2BimQrGo6XJq4a9NLVQc0WGpP6Doj2zpUOMxm0xgiPEV9qiC1m3xLLhamPS4xDZVnwPPZJjy5%2BQYK3xJklqpYGPwlzrgMXSD5rOBfpeoSaWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c05138384daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET container.html
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5067 0
0

GET
H2 200 adtag.js Show response
dsp.vlitag.com/js/v1/ Frame 6EB5 102 KB
26 KB 65ms
48ms Script
application/javascript 104.22.58.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp.vlitag.com/js/v1/adtag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 183
cf-polished: origSize=104022
etag: W/"2023-09-19T02:46:59"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c0517be24dbe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bidding Show response
adsystem.pocpoc.io/adv/v1/ Frame 6EB5 2 B
579 B 626ms
181ms XHR
application/json 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsystem.pocpoc.io/adv/v1/bidding?dv=desktop&dm=ibb.co&tid=VLI1-111430&sz=1&asz=970x90&at=native,banner
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMLy9MjF4lRoSzZ4nRpPfvxpBXs%2FC8d4pnQT12RbkFJH7Qv%2BfHDGMNpfU9yrnjzYjTegQmCXfNB%2BvFa4akntZ%2FOLKxs%2BOhZAH0ZI3qlygEOAlTqw6Wbi6HI0O5vzNcxd52cFuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ibb.co
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c054fbe59205-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.jpeg
px.pocpoc.io/v1/ Frame 6EB5 0
504 B 640ms
196ms Image
image/jpeg 172.67.75.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.pocpoc.io/v1/tfa.jpeg?e=rtNrtl0zghRzdNtTaUrywY-twtK-PUrr-aMrq-ePwaYUTZtKYwRrdNowwGegRzorNcsoT-TTTPBARleNpl
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL7Ap51ILxwtFskx6Jsq4K8WuY6rktVp%2BLm39f0IFxdCOhppfeyNt2QnyM83LAdsNVU%2FejjsOFexnywC2ESW3wIvQzunNuxbwvER%2F6cwCnntbiVC4V1gjCDUAbJaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, immutable, max-age=864000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c0550a45023a-CDG
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 5F16 23 KB
9 KB 536ms
90ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5F16 8 KB
846 B 50ms
50ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 23:25:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 23:53:59 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5F16 15 KB
3 KB 42ms
42ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2024 22:32:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 5F16 368 KB
128 KB 43ms
42ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2024 22:32:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 5F16 20 KB
8 KB 500ms
56ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BAAD 4 KB
744 B 64ms
63ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 22:30:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 23:53:59 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 326B 24 KB
7 KB 502ms
67ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:26:10 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 326B 26 KB
9 KB 49ms
48ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19274
x-jsd-version: 1.15.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4549-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDAMxLWwe6dfeJu53mBwM16CrsG1MfGOxpOFZ8irtylWF4FzOSR2CRVNNHVZMDYL2i%2Fc%2B4ZGwbV5UkREX3OnTcSntnd5irvtcHPkcZyPpCRPYMlwkUi5d9vnsdB0TsUIalA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8095c0525ee93757-MXP

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 326B 182 KB
57 KB 506ms
50ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 23:53:59 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame BAAD 20 KB
8 KB 512ms
78ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 20:01:15 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F23E 15 KB
6 KB 514ms
78ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 23:53:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 336078
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
315 B 228ms
47ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ibb.co/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ibb.co
date: Tue, 19 Sep 2023 23:53:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
225 B 515ms
50ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmqz1lvz&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C324123032%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F16 15 KB
16 KB 38ms
38ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 532916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 19:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F16 15 KB
15 KB 57ms
57ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 524743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F16 0
349 B 537ms
84ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CCBw_ljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwHIA5sEqgSKAk_Q9XeZb6z_8lSr_cpb_-Lbdm6z-el5IQidYJOXr81HPZvXewxSh4evnsg0xo9yXors-jOWi382qxF-08uLGfJYhEocDRkU4uq3t-YB9P-D9U4SilCBpXU8E4R9NrvpMrx1ie-LwpHmwISpVIE1iBEAPdel9Rri0dg_IpOH_8KsvOrFLGuKDmo23GmlO5Pa-WBEWL7mI6YOslgjnW32OEqvErdAqVsagksuEo7kBw8rGUUrc3uA3YysOh4CbQuR0AljVo5nM0XecUzf0oI6FbC6pkR2DmvnEx4lH1yRyN5_1Ep6zVu3Psjz22Bn19jrHzDTjuXurPBTKveMeYPX-_vCO61Fv2LHL3afwATKwtWfpATgBAOIBYrNxolJkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAYBABGB0yAssCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVVPIDQGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1695167639589&ai=CCBw_ljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwHIA5sEqgSKAk_Q9XeZb6z_8lSr_cpb_-Lbdm6z-el5IQidYJOXr81HPZvXewxSh4evnsg0xo9yXors-jOWi382qxF-08uLGfJYhEocDRkU4uq3t-YB9P-D9U4SilCBpXU8E4R9NrvpMrx1ie-LwpHmwISpVIE1iBEAPdel9Rri0dg_IpOH_8KsvOrFLGuKDmo23GmlO5Pa-WBEWL7mI6YOslgjnW32OEqvErdAqVsagksuEo7kBw8rGUUrc3uA3YysOh4CbQuR0AljVo5nM0XecUzf0oI6FbC6pkR2DmvnEx4lH1yRyN5_1Ep6zVu3Psjz22Bn19jrHzDTjuXurPBTKveMeYPX-_vCO61Fv2LHL3afwATKwtWfpATgBAOIBYrNxolJkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAYBABGB0yAssCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVVPIDQGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUB-BYBgBcB6BcF

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
45 B 523ms
71ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmqz1lwn&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.l0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5F16 30 KB
18 KB 286ms
104ms XHR
text/xml 64.233.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bf1chNvrjXjvpFHzAlIbpgsd0k7BzXjkAPWXjMZrN6i1LQOIpgtzSsksK0wISQsuc-sWT3OQrp0iuMckljob0VvACMHA&cry=1&dbm_d=AKAmf-AO_LMeaVCc0x8hR4G_nXIgspZ0QaJ6VUF1su58M46KIhKWq6SAur5PM3XvzEBmzwP56G9pccLbR4hKRrJUSOMtGM_fzPrj5mAK-84Tc3_Xp_AmZFfDosabVpNFhJW0JhmAfx1Bkjq4bL2_5Z4i4_uvIP3DEaPt7iQMKnw-mku9kYd0r09d7d0HpUsAmOUS8r3qNmIa8B59VAWuLgtG8hX7ES2H1W9FJyIWkP8vyZpoos1CC4o6Zqoq7PDdawVVym0SRWWCu7Ohby9t3As6JZk-rQId-eIKcKlx4ttZ9rc62U3-1UiRu2TBdZvna7DQevvzZfIMVYofwu4Xm4nNPWGVAgTQB670S_i_72LOmQkFem7N-9VLAHIBXSC-0EYotL-o6-vhC3UimTHIFn0rMu8u-mQx07h-y49qlXYGbv57NdsTDEpEETmiAdUaUgRwgykbUBdLy6JvRqoyMYFQf3itlodSNPuGJIH4b61yOqWH0WdiDzOd_MYRJPfZN8wTkvog3eCYzzK54uvGUwPWQ_ZpitW0caob9hdwCJsGkGBr94vTZXudk8l1X57hmSSeL5gJbVO5yRwyG76D58IiHVn5tDGDs7SamSjqkHcxnmiYPxfArQ17CBnzG9v6vWBBr5R1EgmHbmUl0YizW72kfX59_mPe0wmm6ysKQgYI_dOA7TJHD3dWDIRw7q1ttT3K-StzbYXa9VMpl2ypDvrE9ryWkAnqBUghN4ye0BSFvsl1Gzn9GGhb6YKNVeW8kpWnMcMsozQVr9Rt6okqbxJ2kpZr2JqcVj3HY8uCPI_8LQcEhBXnQM0iyqTmnYaJnw6-NQoWatv7Nwi1wmZsj1BQzLlT4HgoXmxQmo0fjr2AJYy5uoYm5cdxsvCn_ypHx5Jpyl-pk7XbzdtVJuk_1avH2C8W0wYOcDqZrOb6VzQW67EOSAGqPfGeQwoNHqCn7QBIGYiNPW6ZkMLyPfrWK8bueBx9_27YVOG_SrGLCfuWI6KRpy8uMxxrYBiSevKD0d9d50U3UhSeT7wkcre5NPoSU911I6cFP4dxX4WqH1AAaSEkaBan1-hIu92UmshVBVYLaoGHFow3e3dHM14ffS720-gf3n0G8XhwL4VRvTk0kpkbb6Wavm3xMBXiJaY90Rb5OhdgAXUEQFscox8eRA6g3bX03MRDeavSSNXddW514L6Qzq4kx1munZviv15MapooLYsY5gSnSu3PXj4KB6qe4Dp-WsgroQnSu0uZCuYJ3kyosTH3juGiIUo9XZO29Yyt_98ViNTbb5QH_XYSb2dxS_XeQ7OQZdA7-AUvk7W0dFxJSgP0ld2NDDZaLZccrqhOETp6Xkd7ZSaog1xrbEbTsY_zWfD4rzYRyQ8y_U--n2rEqdAun3OJTo_pX9evMPfRveqGzU4SnH9YsK9axEFGMCC6hhJFIJrvTeBWUtrw7U2eBkS5LH2kpPUpAm8_LlhDzUq8j5dR9HdHenYsToYFl6qnSV7MKr31g9FB7859CIiFlTyq6CGTYRVZ5TdtGxKIRMZIZYpTpoXei_qdW4kQVCw4hLvw4fXOcpchGq_MCMBNlXpXGi2x3plFo-rHLPRe08pcOndDUr7bCEhsztVh6RLYJNiBYlScqaQOmnFmP-UZHpvivJzDWFG4THVVwR78tuAfI8FtUHxT8KET_0Kn7_-ISq9OLwgCWiar1XDb9zSOVAxN1cNG97XIjkdjZ0vWLyFHKiUjvN-4u4jl42PaJRKtyUxGE_QOmX5sbzFImJ2sqJn9zw_R7AntcxHGbIy9m-O-W0Uo7BRLZuWjU1Rfizfud_i5MO8rpi4JZR1r5DtIbSqUrmgueW_gjWZMlf2Pl-d47wsFErm0OOvoKcsug6Aqxd0lkuYwFD3ixYMCHTsUD4-Uj2CyHsYNaGdJzAhuQ29gSbHHA19NRlkIK8gYbyR60wFdwK__QXUDnozvzQnlLeUMV2NrnzmnfU7aQDXiCdAxIKtHUPBZ6x-H6dP32qGb-1ZYDnwY77Y2rXKCuoNwIvr9yG6FL94HvuekhVNTW2NmHHwwRuwCyEHQtiTKG_Qab7Ob190fnSskpQXLsNsgG0ssUq6ekK1VGblzkfELicy4X3LOTN3rcsoHmn1eotlMELvtjzzkF94FZvRFVdQ8zCh-zfdF_UZyz7ETiseLRFTu9hkl7kAnzB9wVx4TiG9TYsS0uv1mogvHLGi5laYpGnom7JLY-RhNiaham-PXd6-VFIBcZApR9nMgPDDd-gxactoSBWQ584ujZoFmp0XsQ6YEOFA1ixBh7r5fkmB_sWfyaEjB7WKu5K58BvkqPvJa1mfu3ZFLsXzIrhfQbrNIVS767UrAxKPBtfYWzNFwRVNB2bdT2Fdv-FHcEAvHRtZe7Wfj1o_wS6R0tMyZg0n2iiUoNKVPwhio6it--rPN1WBOPht3GUSDT5Po7jt4g6Bf3fJGZUHL0zAlIH1P0PVSrR7W1MhDFIHHTS5b_WMDxuBu53B72tExBLg9cev_aORH-6Eb1PHwZvy9HZ3Q5E8HaptTHOooURfp-K6bW52bUQySGkQrF3Z8e4KxWFrqvP503P6Zod2rr9wDy582mCCZkd9aXeQqM63KW-xiW-xIECn7qLQiZrn-cvMGm7NAtJZZq7i6gSzOBdo_BcGkp5kIi1Bzg26oy9L_cdBdCMpqYTew9E-ob1BWtI5A8xT-BJ38mVdqwHSyYJobgy3gTlGx82zX7R7erJrJXfQIE6thBo6VTLSO64pBrmFQI8gF6_MDihbK_iVHLcyM4KBtTUauX4TB-cf5yaYquyalSh8t3Wihe4SXqgakVR5a4-T72wGkseKt0J7qjzkAnFyIeLEB0VkMqUc1w_yZPOLQfoVJAXM_pQqjjY9bBe7zy5VEdcvCU6Qra0WIcZNKb4-RmqCuFAcWmJQCz1z57AIWT6s6B4M7EJYpILM17gHSjha9OeTsD4r1qd5XbxvnhLWJx0dnEQ_V9lHHxJ-PHdjN2XQWbGTMumbjSuscakrbCw_j1TwB0rTUE0HJo9pGABjVVF0ljK4rnz0Av29v9bzl78c9J6R5UKVQZS_yKBRaXQP4zF9zgsBP8_OJN2pkAisJqxMYeR1WFQMiWBYt0GEWca4nfbAOXnRySj3L9SO7Qz36SYfHPFw9m6EaKLPbvpPyVzt9_Pi7PyEpF93Kne2gHHVwMKof0w2KbRg9gytd4d8K6mUatrNzgq31xTlvduZN0etVOjM8YpbIt1yDdkKwZ8x74fg-JvKuSMya5jy9KWZUrfAUE8B0OrPHunGzNQyXoix6nNRyshuT6x7mg3Th8ERNsSjpZAHYPFvxZaFxthwZ67iGmyX3CFn2SVzepN_xFXRa2CVK4_AI17gjS70rSvJjPdeJ1ZX3cdMENGfjWe7x-Pf212AFXI3S5hGJLNvES9BXH5QAvrGWRtjz_pMznkqZdCrV1q-l00-5z59RzD-uljY_ziS-7x98CwCKJAkeqhYilmfJ77Lp4To_-q2GkYZLmTWliH4RolIn910JoZ5mQKj5serphxtHWjIk1OyF-5JQjOzLt8yaOBPGIGi7kdAPN_KhC_qzreoiNMwt4eX7k-qS42GSRAd4RhX47ddG4pFOVp9BaEFSF129_jYXzwB9HUt-TAvR&cid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f157.1e100.net

Software

cafe /

Resource Hash

24fc145aca56469bbad858de9c200d10f3289d9c0f80c9386b8c49fdb3742639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
250 B 165ms
165ms Image
image/jpeg 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNYYTZPRrtNrtl0zghRzodtgxzNTZAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-PUPaBttY-TPwM-PBqK-wayZ-rraeaBaPMYwBRqxeNRwNqrb_TZYdtroqRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNaPZBYRleNplR_yszuNyqslt
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:53:59 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 23:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43maBaiAjj9ws3jDRe9orvT59AbIeSmvHLIqFZOkOZoobZYqecenk5286c2FUsS6Vr8ANoipY8PgMpat2WUAJ0f1GQLmWVhdendu2nUswwtVuQwgiAWu6jChyjrXlrRRkkWfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 8095c053ba664daf-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 5F16 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d74b4351d4e0e3553cb30759f88cafd67dd469cae9a883810b46ef53c7af4b2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
54 B 188ms
70ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmqz1lx0&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F16 41 KB
15 KB 39ms
39ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5F16
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

506ms
42ms

Fetch
video/mp4

172.217.133.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01FD199790E27731B1E831F3A5D25B217C916FFC.15D34C5E68B33EDA56F22EBE8BD1ACD8154E466B/key/cms1/cms_redirect/yes/mh/wl/mip/185.198.62.232/mm/42/mn/sn-4g5edndr/ms/onc/mt/1695166190/mv/u/mvi/4/pl/23/file/file.mp4

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

HTTP/1.1

Server

172.217.133.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s68-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 23:54:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2238462
Last-Modified: Wed, 25 Jan 2023 18:21:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Sep 2023 23:54:01 GMT

Redirect headers

date: Tue, 19 Sep 2023 23:54:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
location: https://r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01FD199790E27731B1E831F3A5D25B217C916FFC.15D34C5E68B33EDA56F22EBE8BD1ACD8154E466B/key/cms1/cms_redirect/yes/mh/wl/mip/185.198.62.232/mm/42/mn/sn-4g5edndr/ms/onc/mt/1695166190/mv/u/mvi/4/pl/23/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
54 B 180ms
71ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmqz1m69&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ug~videopreviewvisible.um&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame F23E 436 B
560 B 88ms
88ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibb.co&sn=ChromeSyncframe&so=0&topUrl=ibb.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

672f68032c8f505b4d4c6adab0006116a049a0822244a4fe8708de007575e53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:53:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1209036
expires: 0

GET
H2 200 creative.min.js Show response
static.vliplatform.com/plugins/pbnative/ Frame 6EB5 36 KB
9 KB 114ms
52ms Script
application/javascript 172.67.158.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Requested by: Host: dsp.vlitag.com
URL: https://dsp.vlitag.com/js/v1/adtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.158.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 09:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1865811
etag: W/"64edb5d6-8eb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI9TCyZhSjNlxyGceW%2FRRkmKAI%2FlfZ2Lty1v%2BnWiz3mF2AU6%2B8u8TdJMjc0NahcYeaOeYISpEV7YhBfs8zknBnxmnl2xlE2B2H2d70PNBv4wXTm3%2Fh2bTwtlfT6XEHVuqz2%2B7U7MPZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8095c0567c714daf-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 10:07:09 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C9B 23 KB
8 KB 40ms
38ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 177671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 22:32:49 GMT
expires: Mon, 16 Sep 2024 22:32:49 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C9B 37 KB
15 KB 37ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 22:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 22:32:49 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 6EB5 5 KB
3 KB 347ms
225ms XHR
application/json 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https://ibb.co/mB1hCdH&widgetJSId=APP_1&key=INTER1JBG3BD8Q2B763PIB4G3&idx=0&format=vjnc&cors=true&extid=vli-111430
Requested by: Host: static.vliplatform.com
URL: https://static.vliplatform.com/plugins/pbnative/creative.min.js?v=1.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c71c92c388bb8a89ad6be917e29a6aae6aa5b6fc2ca8aa8dc9a0ef344d748fd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 19 Sep 2023 23:54:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
x-traceid: 270f5be30e3888cf0a81b10ec8942d18
content-length: 2858
x-served-by: cache-lga21950-LGA, cache-fra-etou8220098-FRA
x-timer: S1695167640.268328,VS0,VE188
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ibb.co
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 580ms
103ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C3BOuljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwGqBIcCT9D1d5lvrP_yVKv9ylv_4tt2brP56XkhCJ1gk5evzUc9m9d7DFKHh6-eyDTGj3Jeiuz6M5aLfzarEX7Ty4sZ8liEShwNGRTi6re35gH0_4P1ThKKUIGldTwThH02u-kyvHWJ74vCkebAhKlUgTWIEQA916X1GuLR2D8ik4f_wqy86sUsa4oOajbcaaU7k9r5YERYvuYjpg6yWCOdbfY4Sq8St0CpWxqCSy4SjuQHDysZRStze4DdjKw6HgJtC5HQCWNWjmczRYZw1ipBEHyHYQxIbdPgPSiUO-iYQzJU79tgaV7H374X0GVZ5FZzZkwyHssiDnGJPfaj3aBhUFQN0mcgSMys2VTABMrC1Z-kBOAEA4gFis3GiUmSBQYIAxABGAGSBQYIGxABGAGSBQ0IIhACGAFI2I7iAVABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMS0EhiFt8HfAdIIFgiA4YBgEAEYHTICywI6AoBASL39wTqACgHICwGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUBgBcBshceChwIABIUcHViLTgyNzg0MTY5MzkzNzc4OTYY0q5t6BcF&sigh=sKzXkJCQzbk&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ&vt=10&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 23:54:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5F16 0
0 79ms
76ms Fetch
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 23:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C9B 0
56 B 77ms
76ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BzmtvlzQKZd6rM8PbzQa424CoCQAAAAA4AeAEAg&bg=!SUqlSgXNAAZQjyUVcI87ADQBe5WfOBjWuDFaW9DDQmAFxu4QE4dtUSCpRmslgpOld3_gEHJL-GkWu0C0-Cqndg4NvSgmAgAAADtSAAAABmgBB5kC-1mYFbDKuCKPM_N6CLSctA7U0GW7KpYSTwJyIdbzgvcEzIkwcKwI_lKWLd_nMX0Fi-Dc2lYe_cZSmE8c9zZJeylDUVfO3K3HyTpS1QQEeMV3leLZFUjVA9KmADdPDl00rlAN0VmiG7o9GAonzYXgQGFiXQ8gHxZsqFouLd8i4Hb3M47piQaiWPFWI9xl5CQfz9y0GXlU7yZc77X2b-ygMNI0f5i9GgXBLURJ9X1uPbPD1Q0pA3XCYGKVBgbtObzThSyoklsvWS2vsdNkfC42x0RcqnoVSNyZuzqKTNq7Vr1lpI2Q_kohu1CGop7zTgSQU5Vr8mTJySkMiJqrZ8gniUxko8B1sNjAn2DWctze74vkqIfiyHPvg6-0Uc4h2Xov5WupKY8JH2r1W1QXtwjRonC3GgbOuiEDc3ZXb0rCUC_R05IWU2_RnO8I4yIOad_ybSfEBAICI8FJf9t6wfokEl1VwQuj4C2eRvsRvFRrjGxsxQI0CBNwkG1NJXqIgEUNvcyFQ4WzjEs3k1TGBcYS3sHlZ6TTj_eMlwdgYddMCfXupuhVk3NAKQxNN_CmQ2EQczG7RpGuvspVq15twDCvM2yooDAb3rk5LlMBhcyuBbdW9632tV0HNxzLhWB0qv2swdO5SjBZAyJAWkeKfP9UmMs291rWXIH-dKZ-qOuBkcbGiTVh2hWDJcasTZ_YZ9o6i1gJa7N4obOO0sIeP7QRc41YNtYL6KvSlyNgs5Aa5UIcXfnFcxu17ddr-pcaEIRJA2FBTpoUkqMWyASHLVJzMGTbJLnwKDNKK0TlOZE6hqesPnNEMhkT7bEFp9RdEc1Us-ckGG5B6WR4opXhhvRUsmYuJTNnWi9xvlYP41nJFfigZ40vNF8NjxIGoc_FvBTdz7iMkyphBqXz0iRXDGwrNys1QBt26tjaTTETFFLdqeZvGSSPJoNqBESeAjcMjTPjoKyzJaOIB3hA_MbPELIYDYFRimEyFuGyFTWyFGw-LaugaSxcYSBmaejYoEY

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ Frame 82D9 13 KB
14 KB 215ms
66ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Thu, 19 Oct 2023 23:54:00 GMT
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 82D9 990 B
1 KB 213ms
65ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: Thu, 19 Oct 2023 23:54:00 GMT
date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6ImVmYWQxZGIxODc3YWU3ZTJlNjk4YjEyZTE4N2RjZTljMmYwYTIxN2I4OTdjOGE3NTU3MGQwNWE5ZGRmYTAwMjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 82D9 10 KB
10 KB 203ms
62ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVmYWQxZGIxODc3YWU3ZTJlNjk4YjEyZTE4N2RjZTljMmYwYTIxN2I4OTdjOGE3NTU3MGQwNWE5ZGRmYTAwMjgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 126c11c64e3f9349bf18e639ed3383fcdd7c6495f7e6b1c362e040a98b25b83a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:00 GMT
last-modified: Wed, 06 Sep 2023 12:41:27 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1380268
access-control-allow-credentials: false
x-traceid: df70a156e10a0482a7b5664bc3946c46
timing-allow-origin: *, *
content-length: 10230

GET
H/1.1 200
OK log-viewability
log.outbrainimg.com/loggerServices/ Frame 6EB5 4 B
325 B 541ms
122ms Image
application/json 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.outbrainimg.com/loggerServices/log-viewability?requestId=1aae6cd6eb26b664daed88e14efbe4f0&position=0
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Sep 2023 23:54:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 63269212b10ca6cbb636de018312003e
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l
mcdp-nydc1.outbrain.com/ Frame 6EB5 2 B
278 B 527ms
120ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcdp-nydc1.outbrain.com/l?token=1aae6cd6eb26b664daed88e14efbe4f0_198067_1695167640409
Requested by: Host: ibb.co
URL: https://ibb.co/mB1hCdH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 23:54:00 GMT
content-encoding: br
X-TraceId: d944192322214b9ca54597f2e4a85ad7
Content-Length: 6
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 206
Partial Content file.mp4
r4---sn-4g5edndr.c.2mdn.net/videoplayback/id/5c75bfbc1c1ca1a6/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726703639/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5F16 2 MB
2 MB 212ms
48ms Media
video/mp4 172.217.133.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ibb.co
URL: https://ibb.co/mB1hCdH

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.133.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s68-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

ccf9e7107118026e9bcc1af9be597940d0f3fb160be6489cbd2f944a80583233

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 19 Sep 2023 23:54:01 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-2238461/2238462
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2238462
Last-Modified: Wed, 25 Jan 2023 18:21:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
Expires: Tue, 19 Sep 2023 23:54:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 555ms
101ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

bf86da2dab73d8c8f5be9b5522b44419bc8947930de2ba7979aa78e52798cbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12127
x-xss-protection: 0

GET
H2 200 push-event-counter
c.usefulcontentsites.com/ 43 B
473 B 199ms
181ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-mg-request-uuid: 2a9329cf-4aad-48ff-8a3f-d6a34861248e
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dO%2F4ZRUt0FNOljAI1bHBxZiaunUD%2Bz%2Fbw8LuKIqxDHS830vopHfL9Y1en8rL%2BSGstb7WbknKGrDQT8Zn%2FTV418jI0libSaWB3CGnZm1g%2FhyABk1J2nP8NjR0KywLNDERwBnF6iKH3vtsZY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://ibb.co
content-type: image/gif
cf-ray: 8095c05d9ce402a5-CDG
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
54 B 59ms
54ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lmqz1m6j&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=first_play&asset_bytes=194860&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIntOHyO-3gQMVw23TCh24LQCVEAAYACCsyMVYOhoI_LT4iQQQysLVn6QEGOa_3uEDIM-9wp30EEITCNvVzsfvt4EDFWGe_QcdUl0Irg;dc_rmcid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghG...
ade.googlesyndication.com/ddm/activity/ Frame 5F16 42 B
401 B 296ms
84ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIntOHyO-3gQMVw23TCh24LQCVEAAYACCsyMVYOhoI_LT4iQQQysLVn6QEGOa_3uEDIM-9wp30EEITCNvVzsfvt4EDFWGe_QcdUl0Irg;dc_rmcid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ;eps=CIDhgGAQARgdMgLLAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695167641359;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F16 42 B
108 B 536ms
88ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCBw_ljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwHIA5sEqgSKAk_Q9XeZb6z_8lSr_cpb_-Lbdm6z-el5IQidYJOXr81HPZvXewxSh4evnsg0xo9yXors-jOWi382qxF-08uLGfJYhEocDRkU4uq3t-YB9P-D9U4SilCBpXU8E4R9NrvpMrx1ie-LwpHmwISpVIE1iBEAPdel9Rri0dg_IpOH_8KsvOrFLGuKDmo23GmlO5Pa-WBEWL7mI6YOslgjnW32OEqvErdAqVsagksuEo7kBw8rGUUrc3uA3YysOh4CbQuR0AljVo5nM0XecUzf0oI6FbC6pkR2DmvnEx4lH1yRyN5_1Ep6zVu3Psjz22Bn19jrHzDTjuXurPBTKveMeYPX-_vCO61Fv2LHL3afwATKwtWfpATgBAOIBYrNxolJkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAYBABGB0yAssCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVVPIDQGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=eeAWFox3yM4&label=part2viewed&ad_mt=6&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695167641359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F16 0
406 B 103ms
88ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_leDlv5M1ziRt0WMqFLX4DwQ_svzhTHPnARZN55ETZUmXcD8yii9v26hCTd7oUb81hSfSjuTOzN0cgeOsN7Yl36363NW_nsfJHraI6UZeQzit7SkwZyeTxc6o0PKs1seAySziNu0nYyCZRPDLyZiaktnuBKs5kM_yx6u4_HUS5zLJ4FzosKWmZdFNvmu0hzfeyyx_lGEj-fe7ODAsZR2O1OEfVan3JZfzNAAQ96GMG3lLGl69WZ4htz6rmHV5ZtV3stQydpuQk28DfBQuXLl1DUtUaaRHD3r6u2qdSMXnoBbQaszNxvmlkIFqT02V9KyT3LTqNhPjCCNhjJ73_YaAnmQyqyT99yFULVSj_ulfJ9DWf2avo5mBWbJCM3M1j-J-C5uthqYkoargAcCKLaDGKycvvTF879wMrbCm3QJ6Zzb9ywoWPU8DAm3ENE_TP7kD0vWFHzcDB5_fqJnD42RRaVgmJGSfbBxkuIC8BEj6d2_wF500A5UDM8iJyUF7Hp4mizhLWPfyl5E0tgNiT3e8lNHT_TEcwOzjvQ8CuqgExw-hAfCfoh0SGKRZ64f8lUFPh1_Bj6AcvZln7nEpu1O4RDrY0jbV5Rboi7JCcj9dtX6TvVhOnsTeU8IOXGSye4mx--BlzOUZFqcUtn8GJNChIzW0yi1X3XVLD8cPoBbp5mDkA-TQQ5TuzbLbKza4BYq1LIvS-rRW82GHXOiOaT1sA8lAbaFxgLy2dz-1OgKFWzKt2Fjzc09F_V1w-Ehux3P7ms6TTqk87Px7thXmwHn9FKkdZ_MAMWtlzMfrhSlVC-36YXN2OIje9x_g4Y_GLOeOQmth5Pqq-5Ij1J4UknIfvStpZVi5x6XiVilVZnaEBzKK26ZyuFfycWvMvx-lldeVMT7HYv1aXWAmvtCPcNUuF9uk5_4_TMaxwNyyZFAj7jf4UxdEOgGdFehrW0fi6djZpMFVh3OOhUqcSWFG5u4dbEpGvV9O_fH0KWX-tlfcesxLCW21J6cCbaIawWjeOUc8sHwhfTBUZFsS-sfxWWIHnwf0RLj1LLS64J1YYQ2D5XyiguHrlnyHPnHr2mshGVKTdS5IuaNruIkQW-LdTCIug5CJDMGGx5Yye8weN7W__gw9PPK7fFJULHTTaYKQXdo5b-0GlzK7PROlXk4sibIv0moBdACXVuCv8sMmeS_ic9C2n9rK1ME3qW7ZkXZlYUErdYTELwCeDPYOdehcV27-J3z_qEuWK2SptcYGgQ&sai=AMfl-YTWTeExfjOfYQFLdss37a6mfzRTfcFAG8GPm1aYg4NGQChpC7CT_h5gOTTPq0y_HbflVkEQzcYk2DzhBO-sKrS4-Z97tyfOh-cwkgIrwQ3sisR-kFqZ5FWGW4Nd2eyMlkPWuumLrdbuHL_bPeenyYyCExuBOOkTdcsVmKkw1ReVMUw1wj_IGwj6Ms7Wtk1p-OBaJHJoD8pfsfvZGTM0xl3y0SJP-eYQVSS1NSpgbjt1guM6ZxET8lPoUMocoY5oGTFCXfHZ1_Gmvi5CXDwn_dg4Yed3XBFS59WN&sig=Cg0ArKJSzINrfulCqQqjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F16 0
0 510ms
62ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLf37gIQ_LT4iQQYhbfB3wEgATAB&v=APEucNWvNEpdO0r4mIBW4PeuzYixSQLVt-AzStD8tS_5nPr2ZhbZLtXDX66Q9FUVTLqUpyAJA7XgZrgD7CYL4iGb1VsRxYOQBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F16 0
56 B 74ms
72ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5F16 42 B
113 B 79ms
77ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQIA4Ey01xtodrDEksD6O47co9UTqpqBfecwEUif1t_ikJNzozeyh4eREMcFeY1TW0qaqoUPWoU6D5Yea3tFKzePWQRKx5FqtN0eoyaeRIQ_H3FahrtVO_FIaE11vqWqw&sai=AMfl-YQgt7LXURU74_nXaa2mJkLA4Smw0zy-cCmg-S3__tYUaNoswqsW29mUbmRbsWFcwu4CXs5rI0fCIibkmyj0XXP8Sz_eOYSprhrJu8P5S8XxTWi0oaRT_F53t5uOQ39Z8U4V61b8Gcj05y5XQw&sig=Cg0ArKJSzNF6GRPpa-NDEAE&cid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1695167641359&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F16 42 B
176 B 535ms
88ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCBw_ljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwHIA5sEqgSKAk_Q9XeZb6z_8lSr_cpb_-Lbdm6z-el5IQidYJOXr81HPZvXewxSh4evnsg0xo9yXors-jOWi382qxF-08uLGfJYhEocDRkU4uq3t-YB9P-D9U4SilCBpXU8E4R9NrvpMrx1ie-LwpHmwISpVIE1iBEAPdel9Rri0dg_IpOH_8KsvOrFLGuKDmo23GmlO5Pa-WBEWL7mI6YOslgjnW32OEqvErdAqVsagksuEo7kBw8rGUUrc3uA3YysOh4CbQuR0AljVo5nM0XecUzf0oI6FbC6pkR2DmvnEx4lH1yRyN5_1Ep6zVu3Psjz22Bn19jrHzDTjuXurPBTKveMeYPX-_vCO61Fv2LHL3afwATKwtWfpATgBAOIBYrNxolJkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAYBABGB0yAssCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVVPIDQGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=eeAWFox3yM4&label=vast_creativeview&ad_mt=6&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15040%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1695167641359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5F16 0
54 B 51ms
49ms Ping
image/gif 142.250.179.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lmqz1n6h&c=476523037447&slotId=238261518723.5&qqid=CNvVzsfvt4EDFWGe_QcdUl0Irg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&dm=15000&met.4=vil.1xt~ff.1y7~videopreviewstarted.1y9
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.179.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par21s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 23:54:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5ECE 13 KB
5 KB 38ms
37ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 22911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6E6B 829 B
1 KB 519ms
57ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f4.1e100.net

Software

GSE /

Resource Hash

0535d4fc35189f465897db9b77706b94125e4f227fed7db9cae500e18957c25a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EZsvynaZUmG85usRAJ_dsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ibb.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-EZsvynaZUmG85usRAJ_dsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 23:54:02 GMT
expires: Tue, 19 Sep 2023 23:54:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5ECE 37 KB
14 KB 38ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 22:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 22:57:13 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5ECE 0
40 B 37ms
37ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Nzl7pQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 23:54:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E6B 0
0 72ms
72ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309180101&jk=119937664302648&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309180101&jk=119937664302648&bg=!gYKlgs3NAAbP3fMH7907ADQBe5WfONppZiLHFu5hxZ4OpidIAZ84MRF976lJP40MwuMwVGiHq7aXvm7ZkYgfv5MaMUSDAgAAAEBSAAAABWgBBwoA1EthWkHpIg4XPGEUN83CZoQ8y2TZLGtZyEUZy54_rrBjLeYMyvO1oRIX2tdC0lDF6kfFsSQ7nHdKjl5iEVzjQhohTW6-sTydXGOqsIY_BxHg7FNiYRorquWW4TWuPUuUa2NMuBHHzUeVMbMxz3S2v1EkvHMZH3rK2bNrPhZ2p9HJAstsIIllOdYPcYftXWRJXAMi3okKNJbFthTyPxuxr34X37t-HTKi76lQTYXWrKrUNjLxrGFmPNHUoF6uDckc3SOwSih1gsuSphk6PQ8pFANYsTyMmQK1e2S3E1SmgTvIoplOslCMmkYlZO7n4L0Qut38-Qpzk3qzJxDSnDEjGOdZfbvlharJs9DdLybjJLlGRCRkdi3P-xwiNFDWCYRd49sGI4EH1SjkqUmQv2kOkP5J9W8Pfg6SjoF6Sz1fvw8WnbUM8aT6D1BrokoaITOJDtqI9BmdvN9IGUTi8nApISNtbSMAT8Wr7ypcCIu2A1NNfzfDnFgnd4vjF9BPU0nq-Ogje3JGPJMCmVXpvAzkHsHJYkFKdt-nMMFQ0Zdt0HFZRtrkzSg_Y7kkHBdF9pyeVbCgjsAkTZxpHxnxj3Nx0Ycgr2b__8GWDFpfKfufKq37E-PviE5uKo3E91MFl20ULZO5ItjAojMI-A6gnTUIPl08J-_lWhN8k_Xi1CHKYbOo6_krp-1nwJ1MhPArI6AD6dEVAf_NRbWfSS_ASwyAJ1ctPIV2vd8u03TZRwbNoEOe1LCxcCMHUgMhoIaBvh109wfhKCKN1somGVyi4yCG12hTTctvE7KZ6w0iT9V3u87loYia26ovCMNY4IdhFRKtdYN3dR2J_yrmz1id6e6_S7lPDygWCK9tflD_T9QVdo3p-FhlnDt9kjw4u3g-yZ1a_MM5ARDNHz0NG1wBnljnXKiDGXTPvcveKNHfDvgCBeFcl7z8nTPQhGETH0qRLwq6JyrDPSmRG-_nBCveuVz4XZrqSh6zkyyjNM_VSvSyij4YHiONyaHec2wwvRXSn9tThIUZEbtschXV7ddDxM-NRxH2VCUVYjaqgo7W05pk2vidXn7HY5QjIMSNPCGH-quSC4X5ZQUrV6h3ignCiXl4j4BvpXOsZb9Fu0uBp1QjBKbvfxUmwGhPDFl6eEgl-3cSjoN0bZ55bKYI-uyqu4hDVHTDRcZpyMkL7XuSYqTIZg_esObEssxOR0sG4AML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ibb.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5F16 42 B
108 B 78ms
77ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQIA4Ey01xtodrDEksD6O47co9UTqpqBfecwEUif1t_ikJNzozeyh4eREMcFeY1TW0qaqoUPWoU6D5Yea3tFKzePWQRKx5FqtN0eoyaeRIQ_H3FahrtVO_FIaE11vqWqw&sai=AMfl-YQgt7LXURU74_nXaa2mJkLA4Smw0zy-cCmg-S3__tYUaNoswqsW29mUbmRbsWFcwu4CXs5rI0fCIibkmyj0XXP8Sz_eOYSprhrJu8P5S8XxTWi0oaRT_F53t5uOQ39Z8U4V61b8Gcj05y5XQw&sig=Cg0ArKJSzNF6GRPpa-NDEAE&cid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2023,0,0,0,0%26mtos%3D2023,2023,2023,2023,2023%26amtos%3D0,0,0,0,0%26mcvt%3D2023%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2186%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15040%26vmtime%3D2193%26dtos%3D2023%26dtoss%3D1%26dvs%3D2023%26dfvs%3D2023%26dvpt%3D2186%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2023&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1695167641359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 23:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dc_oe=ChMIntOHyO-3gQMVw23TCh24LQCVEAAYACCsyMVYOhoI_LT4iQQQysLVn6QEGOa_3uEDIM-9wp30EEITCNvVzsfvt4EDFWGe_QcdUl0Irg;dc_rmcid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghG...
ade.googlesyndication.com/ddm/activity/ Frame 5F16 0
0

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F16 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
URL: https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIntOHyO-3gQMVw23TCh24LQCVEAAYACCsyMVYOhoI_LT4iQQQysLVn6QEGOa_3uEDIM-9wp30EEITCNvVzsfvt4EDFWGe_QcdUl0Irg;dc_rmcid=CAQSTABpAlJWwhsJ3bAJZbOTo9YMUkkDxogoa2n41o3SivyFMP2-CSc3nPWG68ZV581kvvggghGJzJa09WBhI6CjkCKQ0jiqQYblRBOZ9iAYAQ;eps=CIDhgGAQARgdMgLLAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3753,0,0,0,0%26mtos%3D3753,3753,3753,3753,3753%26amtos%3D0,0,0,0,0%26mcvt%3D3753%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3916%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D202%26dur%3D15040%26vmtime%3D3924%26dtos%3D1730%26dtoss%3D2%26dvs%3D1730%26dfvs%3D1730%26dvpt%3D1730%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3753,3753,3753,3753,3753%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3753;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1695167641359;ecn1=1;etm1=0;eid1=960584;

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCBw_ljQKZduyN-G89u8P0rqh8Aqmz7zVbs-9wp30EOnxtOzNOBABIJ3CrWlgyQbIAQWoAwHIA5sEqgSKAk_Q9XeZb6z_8lSr_cpb_-Lbdm6z-el5IQidYJOXr81HPZvXewxSh4evnsg0xo9yXors-jOWi382qxF-08uLGfJYhEocDRkU4uq3t-YB9P-D9U4SilCBpXU8E4R9NrvpMrx1ie-LwpHmwISpVIE1iBEAPdel9Rri0dg_IpOH_8KsvOrFLGuKDmo23GmlO5Pa-WBEWL7mI6YOslgjnW32OEqvErdAqVsagksuEo7kBw8rGUUrc3uA3YysOh4CbQuR0AljVo5nM0XecUzf0oI6FbC6pkR2DmvnEx4lH1yRyN5_1Ep6zVu3Psjz22Bn19jrHzDTjuXurPBTKveMeYPX-_vCO61Fv2LHL3afwATKwtWfpATgBAOIBYrNxolJkAYBoAZ2gAfU-oTjA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAYBABGB0yAssCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CVVPIDQGwE4rj1hTIE-a_3uED2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=eeAWFox3yM4&label=videoplaytime25&ad_mt=3924&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D3753,0,0,0,0%26mtos%3D3753,3753,3753,3753,3753%26amtos%3D0,0,0,0,0%26mcvt%3D3753%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3916%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D202%26dur%3D15040%26vmtime%3D3924%26dtos%3D1730%26dtoss%3D2%26dvs%3D1730%26dfvs%3D1730%26dvpt%3D1730%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3753,3753,3753,3753,3753%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D756133402%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3753&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1695167641359

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.protoawe.com/	1970-01-20 15:35:59	Name: psui Value: 256b5533593fc4a41f391489e6b8b442
.mgid.com/	1970-01-20 14:52:49	Name: __cf_bm Value: Biv.6FSc3JlBpO2iXQSLq0RzuXEMmiDHJtrXXptoHD8-1695167637-0-AXgj8j2aagDY+b5X8uJb3xtQ83fWqLpqFDI4GoAm5WFNLgzKEmQk4JswqvgwZyunMU6FwvYFUtqtaHYX4owVS8Y=
ibb.co/	1970-01-20 16:19:11	Name: __ppIdCC Value: ivv_xo210.5107037899
ibb.co/	1970-01-20 15:35:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ibb.co/	1970-01-20 15:33:06	Name: sharedid Value: acade40f-836f-40c3-b0b6-67e19bd43b89
.ibb.co/	1970-01-21 00:14:23	Name: __gads Value: ID=ccc42fc681ee8493:T=1695167638:RT=1695167638:S=ALNI_MaP5duYHaUNUMgiyf-7Lhc7PevAJg
.ibb.co/	1970-01-21 00:14:23	Name: __gpi Value: UID=00000c790e8bdc0d:T=1695167638:RT=1695167638:S=ALNI_MYlkl8oiQhaUJIp6ZbsEb1cgU0Wlg
.doubleclick.net/	1970-01-21 00:28:47	Name: IDE Value: AHWqTUmpwL_Zj9BEbYwq7HmimQgBu9FE9wpHD8C4mzFuREbD6tcmEfIa0X8lyX_VPiE
.doubleclick.net/	1970-01-20 19:11:59	Name: APC Value: AfxxVi4n_K0YpbZU1LITE81s-69WaTm15AM6GoH8lg-8p_KEhhkzxw
.criteo.com/	1970-01-21 00:14:23	Name: uid Value: 4c0da3c6-add8-433f-a4d0-9f7d05f0fc9d
.ibb.co/	1970-01-21 00:14:23	Name: cto_bundle Value: N8jUw193bmFJMzcxR2NzODhYbkx6dmtWNFMlMkZXQkk2OFhGaEEzME1OZTdYdGxUa0pLblVlUktuekk4JTJGbTZwREMxNEdHS00yM01MUmxPWlZ5UmZFSXVVbEVQbnBwc251SFZnZFdwT3ZwVHBScThBSXRIRWtzWTRIeE5NQ3lwJTJGbm1pMnNsM3BSZzF5RTNqNVhlRnVDdWlMQ3RJN1ElM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1(Line 6) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js(Line 3) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://ibb.co') does not match the recipient window's origin ('https://bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ade.googlesyndication.com
adsystem.pocpoc.io
assets.vlitag.com
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.usefulcontentsites.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.usefulcontentsites.com
cm.mgid.com
config.aps.amazon-adsystem.com
csi.gstatic.com
dsp.vlitag.com
fonts.googleapis.com
fonts.gstatic.com
galleryn0.vcmdiawe.com
galleryn1.vcmdiawe.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ibb.co
ibb.co
id5-sync.com
images.outbrainimg.com
imasdk.googleapis.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
media.vlitag.com
odb.outbrain.com
pagead2.googlesyndication.com
pt-static1.awepsljan.com
pt-static2.awepsljan.com
pt-static5.awepsljan.com
pt.protoawe.com
px.pocpoc.io
px.vliplatform.com
r4---sn-4g5edndr.c.2mdn.net
r5---sn-4g5edndk.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
simgbb.com
static.criteo.net
static.vliplatform.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ade.googlesyndication.com
bfa9ed82e61a589dc976c397d3ded1ae.safeframe.googlesyndication.com
googleads.g.doubleclick.net
104.16.86.20
104.19.131.76
104.21.4.104
104.22.53.86
104.22.58.199
142.250.179.99
142.250.184.226
142.250.185.194
142.250.185.202
142.250.186.161
142.250.186.174
142.250.186.34
142.250.186.46
142.250.186.72
142.250.74.202
146.75.122.132
162.19.138.119
162.19.58.156
172.217.133.202
172.217.133.233
172.217.16.131
172.217.18.1
172.217.18.2
172.67.158.59
172.67.75.64
178.250.1.11
178.250.1.3
18.238.243.122
18.239.64.29
18.239.69.131
184.30.17.67
188.114.97.3
2.18.161.178
213.174.132.224
216.239.36.178
216.58.206.34
216.58.206.36
64.202.112.191
64.233.166.157
93.93.51.190
93.93.51.191
93.93.51.200
03a4b8eeed06bd5b9c5a4a3f160407a0417175cc2068df1a2a37b67b821c0e8c
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0535d4fc35189f465897db9b77706b94125e4f227fed7db9cae500e18957c25a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
126c11c64e3f9349bf18e639ed3383fcdd7c6495f7e6b1c362e040a98b25b83a
13b366f758c2bb9410d91a6b7bb1efa9db2b58a161e4c7517688006b1223a4f1
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1a4dc19ff4252e47630d51b345780b1b96b9c6a21ff358266e9d60bf8c715ac2
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20cf474dea9c0f5240d01473977eeec6332beec6bcf12667c09745153435b1d2
24fc145aca56469bbad858de9c200d10f3289d9c0f80c9386b8c49fdb3742639
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0
3fd9718577e933c7afc3721d8f700103505378b8533032b41780d0774c60103f
44d1c878ee2c022361cfcae57d526f0c92c2c42f553973579c07fcebeac26502
45906ccf25c34566708e3c7b29332f2d567c6fa53c72a64b2523928343be6cd1
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f
4d74b4351d4e0e3553cb30759f88cafd67dd469cae9a883810b46ef53c7af4b2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
547cf2960a26f2a2014a4d946809c87ce80676e964d5e14c7b6b16a9a48e4625
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569fe0084160ae6cb43aad05cdad1b12c4a9b9f8b511e0549e2042cce9c2a96b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
672f68032c8f505b4d4c6adab0006116a049a0822244a4fe8708de007575e53a
6b43a661386c8afb1ecccdc626598b87976ffe17d5d703521451d2efc8d009b2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7c3e967b49ebfb1e6b5ce829cfe418bbb1639e42e98341bbe3c9295593042886
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
7c71c92c388bb8a89ad6be917e29a6aae6aa5b6fc2ca8aa8dc9a0ef344d748fd
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
7db6d87048e8fbe8f4e217401c07e0f77c46251dda97cff99f943d2d47860793
7e83f0635bfd39bd3b447740cc7fce4c830522e7d4cd40596b41411745c37980
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a216b2f5c2b4c0e01b2d8cc8317389a20bf9876d0dbefaa5eed49849bac61cd
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
95dbbacaaa6b78654b2b74da75fa16e9986ff82fe674aea184b07e643295c871
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c0708679bedd56e14a891b53514d2c6e9bc375a1edfc061a01da7cce5145c91
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b25b9a7c5e3db18c4ecee3cc7d3162cd8d9ecd91f17ec185d768de267e3ba3f6
b5aacc837f3866c139e24a9c447f8ecc672b3e718536585ac1fd0ce9cc0e4e8c
b72b133f647545d0fa6ca3c13454dc5adca17490e714c9abb3b56c61fdadd294
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bf86da2dab73d8c8f5be9b5522b44419bc8947930de2ba7979aa78e52798cbc5
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cc6fb3d4db65607a51860c2cbaa1834ce0389978de4676beca49073a9e68a785
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
ccf9e7107118026e9bcc1af9be597940d0f3fb160be6489cbd2f944a80583233
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd7b958b33c9fc76bed347e011983d0cc624cadea794b2a1a5a580eb6d18a0d
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51f30eaa1b837471eb36f9a0e16ee9193253126cddc3a81f1298739f6111105
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
ea20638db28636dd397c7d1e793bddb9b65bf3dea9fd6ddcb3ee208354a451aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d2bb84ffb7a5e500ecfdf719af30927460bc16051cd1a1bc520eebc971d731
f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa178c4d46880590bcc3e79e8ba2fb51815827e8b5a39fa6701574c4415d51a7
fb895adcc4eece47885b10e10fe128aa1669db95ce26b04a04a19e20b103eb72
ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24

ibb.co Open in urlscan Pro 213.174.132.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

0 %IPv6

27 Domains

53 Subdomains

41 IPs

6 Countries

5093 kBTransfer

8986 kBSize

11 Cookies

10 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ibb.co Open in urlscan Pro
213.174.132.224 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

0 %
IPv6

27
Domains

53
Subdomains

41
IPs

6
Countries

5093 kB
Transfer

8986 kB
Size

11
Cookies

134 HTTP transactions
1 data transactions