ibb.co Open in urlscan Pro
213.174.132.224  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
• https://redirector.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-q4fl6nsr&ms=au%2Conr&mv=m&mvi=2&pl=19&initcwndbps=2187500&vprv=1&mime=video%2Fmp4&ns=OMj-e95DmZgdwt4I_wLJBIcM&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&mt=1682126500&fvip=4&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=fzdXWJZDo4gg4BOy_&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALEcbMm4zldMOEaz0mmnhhVs29XSZe9a7zeqfSHVzEi4AiEAvwsqaWsnGOcm5hFSuRYaUNx3cn2m6Ou0yw3t4cjC_Ho%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTswB7G-uvl3YSozF7Ew6ccBEVwVNj3hL3z5Lf81LeIsCIQDcU5_xmOnepZnc6deP1Ebrb55pEoPQf9Cdkman4_E6FQ%3D%3D HTTP 302
• https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=OMj-e95DmZgdwt4I_wLJBIcM&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=fzdXWJZDo4gg4BOy_&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALEcbMm4zldMOEaz0mmnhhVs29XSZe9a7zeqfSHVzEi4AiEAvwsqaWsnGOcm5hFSuRYaUNx3cn2m6Ou0yw3t4cjC_Ho%3D&cms_redirect=yes&mh=3a&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzd&ms=au&mt=1682137764&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfaCe1D-GR8Fh81bFTO6zyJSJ0T6tJ_R-3oLkX_h-_gAIhALUhR7K0_w3hNPeoBH9GIu0MfqcpCuhoWcJkNeCXi9tr

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hVc69zd Show response ibb.co/	22 KB 6 KB	472ms 267ms	Document text/html	213.174.132.224 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.174.132.224 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash 85faa269fcc378333fdde954a2c4a81fb2f6e1831410d376966cec5d668569e7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload X-Frame-Options DENY DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 22 Apr 2023 04:36:40 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-frame-options DENY DENY
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	130ms 47ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32d124d690d96776f2b6ed435474c10fd83bf2c9a72e5149ad65fa06ae162068 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 22 Apr 2023 04:36:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 22 Apr 2023 04:20:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 22 Apr 2023 04:36:40 GMT
GET H2	200	ibb.css simgbb.com/3991/	115 KB 26 KB	42ms 15ms	Stylesheet text/css	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.css Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d192a5e1527c429f7e465e41ecbf501e491bbb33365f4870a332ff497c4b12e8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1915 etag W/"63db96ac-1cd5c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NtsM3eZJy3mnsR3%2B4kckbG0UWUz3QC9Pww9lZmq%2BBNJqLaP3A8ZEwqCgVIdsGmTVpd5EkiNRSfP%2FuisTTYDWZGf4%2F8GoYxZN1irgOcKsTKNxXb0iEw2KftJLND%2FdYSBSKtm%2F%2FRGxYjr"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31536000 cf-ray 7bbb2ac76ef1996e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	subscribe.js Show response cdn.usefulcontentsites.com/js/push/	5 KB 2 KB	43ms 17ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-id fr5-hw-edge-gc36 date Sat, 22 Apr 2023 04:36:40 GMT x-amz-version-id null content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6HJCZFDPZ7RZJG5S age 203 x-cached-since 2023-04-22T02:23:47+00:00 x-nginx nginx-be alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Irbus21i3obu90d864kDeSZ1BPkQOelYm2UUOXTmkQEsulPiJa4XjbFkYcGL+19KBeLIU/AHDhI= last-modified Wed, 30 Mar 2022 12:06:36 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root etag W/"531a7e657aea171bbfa47a0c45adfede" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcyaBu1iy0qsWg4U4mN8X0HQ9codxsEb7jo5dBtdKTay7%2BOc1s8kyWFDmAHGcP0PA4Z40Xut0kiZBv65HKH34WhpY13Bck%2FKyJRJWvuFide26gzt6eUaUu9qKDXGHROyeN%2FglflEl6scQFAroWvhlk8SAFyfE%2F%2B5EQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cache HIT cf-ray 7bbb2ac7bd829bdc-FRA
GET H2	200	/ Show response services.vlitag.com/adv1/	550 KB 144 KB	73ms 33ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f3cebae5ada834660f76029371b74cae2c5348ae0de2a89b5ed65a2ec0f7006 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 342 cf-polished origSize=563479 etag W/"8e6637b4f4f57cc6ca9a8b8db5bcdcb1 2023-04-21T01:20:57 v1 default" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=900, stale-while-revalidate=3600 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7bbb2ac80baf0414-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	logo.png simgbb.com/images/	938 B 1 KB	13ms 13ms	Image image/png	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://simgbb.com/images/logo.png Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 958 etag "63db96ac-3aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UujYsL9QWnMMLDsu4x0%2F%2BlSIp3NF74PoPerSEyv%2BirwntyAmISCg4DRLmJseqQf46SiW7HzWTgmg7I%2BBQARmGdgdNWWnEz32vjhSW5qKIsLi50MeOfsMsuo8dSGjotB9e6Bghovt6c%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 7bbb2ac81f79996e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 938
GET H2	200	295539211-7693239984084531-6181689938595819402-n.jpg i.ibb.co/w47kgmQ/	103 KB 104 KB	155ms 17ms	Image image/jpeg	162.19.58.159 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/w47kgmQ/295539211-7693239984084531-6181689938595819402-n.jpg Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.159 , France, ASN16276 (OVH, FR), Reverse DNS ns3096667.ip-162-19-58.eu Software nginx / Resource Hash 7518d4c24fb5d5e6d2b403b600efde27ca8a101d1cff6274b9f7e9547e7138c8 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT last-modified Sat, 22 Apr 2023 02:17:43 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 105695 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	script Show response pt.protoawe.com/cifra/	2 KB 2 KB	62ms 25ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra/script?id=awe-customiframe-container&row=1&column=4&border=0&wide=0&padding=8px&model=0&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3b5c79fa6438eb8abbfc5dbde134a7f49a7f5920a1099a47b5ffed5222b495f0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT cache-control no-cache server unknown content-type application/javascript
GET H2	200	jquery2.js Show response simgbb.com/3991/	114 KB 41 KB	17ms 16ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/jquery2.js Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff3ec271ef20383e3c4fd7f8a8bbab3610c6bd52fa7ca3a52059b97faf148b24 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 256 etag W/"63db96ac-1c65d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhcCIQQvRbcnAeUzCVO%2F%2Bs6Ewq7KF30I9L5onKJv%2B06B5F3g0n9LwU5%2FUIyGc0WEoaxH9xAeUJB8IxFRNEE5Nsne2bmCW0no5v3ze6NkoFxDwvnRwpPFIPILtFnZuE3MVAb6EzsnQ%2F7z"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 7bbb2ac81f81996e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ibb.js Show response simgbb.com/3991/	216 KB 62 KB	19ms 19ms	Script application/javascript	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/3991/ibb.js Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca2cda436af69419be5a8c2a60d4c719bcc1a160f8b7aed3b1871428ca4731f Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br cf-cache-status HIT last-modified Thu, 02 Feb 2023 10:55:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 646 etag W/"63db96ac-35eda" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M4FFn6auTRaBFKyNJWwE5ukp25Fk6gwaZ%2BvSE%2FY%2FjW8VVw%2BCcnVQDJyauIKcr5yv%2BN6NnlKmAboj4IpJ6ES7qTb7LnRPnH5Pko9LyRs%2BejTz9KXAVt6Uho75wrdNyqdFbI8RorJwm2V"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 7bbb2ac81f83996e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cifra Show response pt.protoawe.com/ Frame 89E4	24 KB 7 KB	153ms 117ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 0a04b7ac5a2a7969e9697649465e7ec35fdf4e1f36a5061f19eb5b527d03cb42 Request headers Referer https://ibb.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 22 Apr 2023 04:36:40 GMT server unknown vary Accept-Encoding
GET H2	200	imgbb.woff2 simgbb.com/fonts/	8 KB 9 KB	31ms 13ms	Font font/woff2	2606:4700:3032::ac43:83fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simgbb.com/fonts/imgbb.woff2 Requested by Host: simgbb.com URL: https://simgbb.com/3991/ibb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46bf0c1c79af4187878ef33dc72a02a554013f943f2eaeb9ad5e88c246b6b13 Request headers Referer https://simgbb.com/3991/ibb.css Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6843 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8468 last-modified Thu, 02 Feb 2023 10:55:40 GMT server cloudflare etag "63db96ac-2114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBwqQ802648Dceol06oVh8m6Vv86b2oQWqwHm6ct2zB0y8jjX1rN4RtthKLNtxguu2xlzK2mxfuhW7E8L%2Bo8h1EgPwhwgkhufdTYgnPog%2B9XxAzKNPlAzVHbVOBpRqeS7Tus%2F4uVaR26"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 7bbb2ac83a625c62-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	115ms 36ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ibb.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 02:01:11 GMT x-content-type-options nosniff age 354929 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Apr 2024 02:01:11 GMT
GET H2	200	js-cookie-muidn Show response cm.mgid.com/	0 399 B	132ms 106ms	Script application/javascript	2606:4700:1::6813:844e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/js-cookie-muidn Requested by Host: cdn.usefulcontentsites.com URL: https://cdn.usefulcontentsites.com/js/push/subscribe.js?v=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 22 Apr 2023 04:36:40 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7bbb2ac85e9f049f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	295539211-7693239984084531-6181689938595819402-n.jpg i.ibb.co/7KQfCmp/	170 KB 171 KB	96ms 17ms	Image image/jpeg	162.19.58.159 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/7KQfCmp/295539211-7693239984084531-6181689938595819402-n.jpg Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.159 , France, ASN16276 (OVH, FR), Reverse DNS ns3096667.ip-162-19-58.eu Software nginx / Resource Hash b619947b2db9ba6464683a86bdb544af8a221f510ad076f7006f570294e671d6 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT last-modified Sat, 22 Apr 2023 02:17:43 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 174452 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/cli/	42 B 363 B	169ms 152ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/cli/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06b3258a04972a1d7f68be72590027398d11c5a8b9a2643aba80d99baa293315 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 22 Apr 2023 04:36:40 GMT cf-cache-status BYPASS server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7bbb2ac8ba802c5f-FRA content-length 42 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	di.min-v366638.js Show response pt-static2.awepsljan.com/npe/_common/script/incognito/ Frame 89E4	3 KB 2 KB	57ms 8ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static2.awepsljan.com/npe/_common/script/incognito/di.min-v366638.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT content-encoding gzip last-modified Thu, 20 Apr 2023 11:53:27 GMT server unknown etag W/"644127b7-d47" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	advertisement-v366638.js Show response pt-static4.awepsljan.com/npe/_common/script/adblock/ Frame 89E4	21 B 277 B	56ms 8ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static4.awepsljan.com/npe/_common/script/adblock/advertisement-v366638.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT last-modified Thu, 20 Apr 2023 11:53:27 GMT server unknown etag "644127b7-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 21 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	cifra-v366638.css pt-static1.awepsljan.com/npe/cifra/styles/ Frame 89E4	13 KB 3 KB	46ms 9ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.awepsljan.com/npe/cifra/styles/cifra-v366638.css Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 4de64056b7dddc368212a00df583e9d77dd739388610f49a4839fe1c83f90205 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT content-encoding gzip last-modified Thu, 20 Apr 2023 11:53:27 GMT server unknown etag W/"644127b7-35cb" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=1209600 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	cifrafk-v366638.js Show response pt-static5.awepsljan.com/npe/cifra/script/ Frame 89E4	322 KB 116 KB	62ms 11ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.awepsljan.com/npe/cifra/script/cifrafk-v366638.js Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 1cb944527f6d652c8517cf9f67b5fc8460070fe00d73fa38112f3a809e5c2cfd Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT content-encoding gzip last-modified Thu, 20 Apr 2023 11:53:27 GMT server unknown etag W/"644127b7-50776" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 89E4	198 KB 67 KB	134ms 46ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8a093a87caf61d2f46ad5934b6dff9ef77a53b3cba21cb1c945bb16d96888ed4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68422 x-xss-protection 0 last-modified Sat, 22 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 22 Apr 2023 04:36:40 GMT
GET H3	200	vl.json Show response services.vlitag.com/vld/1682068313/	13 B 284 B	155ms 155ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/vld/1682068313/vl.json?page_url=https%3A%2F%2Fibb.co%2FhVc69zd Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT cf-cache-status HIT last-modified Sat, 22 Apr 2023 02:19:32 GMT server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7bbb2ac9bad89972-FRA content-length 13 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json Show response services.vlitag.com/obj/1682068313/	31 KB 5 KB	24ms 23ms	XHR application/json	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.vlitag.com/obj/1682068313/8e6637b4f4f57cc6ca9a8b8db5bcdcb1.json?cc=DE&hn=https://ibb.co Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a84fa1973ec2d4619d44fdbdf051818433bafaf3d14aca39d1118a78815282b4 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Apr 2023 09:12:09 GMT server cloudflare age 69832 vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ibb.co cache-control public, immutable, max-age=31536000 x-robots-tag noindex, nofollow, noarchive, nosnippet cf-ray 7bbb2ac9badc9972-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	prebid-7.34.0.js Show response assets.vlitag.com/prebid/default/	564 KB 169 KB	46ms 37ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/prebid/default/prebid-7.34.0.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e0cd7c93caed8ff26db1c4ebd8e053f8a76e7127b9f4b036c2af89653e68737 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1556067 cf-polished origSize=579129 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block cf-bgj minify last-modified Wed, 01 Feb 2023 04:21:56 GMT server cloudflare etag W/"63d9e8e4-8d639" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 7bbb2aca1e3c0414-FRA expires Fri, 31 Mar 2023 09:09:29 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	74 KB 25 KB	219ms 137ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 081513f054ad2bfb51dda3bccd22dee1fd03cadc4274a8e12d4228198235aa6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25057 x-xss-protection 0 server cafe etag 671 / 19469 / 31074053 / config-hash: 6342739278968460252 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 22 Apr 2023 04:36:40 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	360 KB 121 KB	53ms 47ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123415 x-xss-protection 0 expires Sat, 22 Apr 2023 04:36:40 GMT
GET H2	200	sf_host.min.js Show response assets.vlitag.com/plugins/safeframe/src/js/	38 KB 17 KB	32ms 24ms	Script application/javascript	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1239395 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 01 Nov 2019 05:04:50 GMT server cloudflare etag W/"5dbbbcf2-9806" vary Accept-Encoding content-type application/javascript cache-control max-age=16070400 x-robots-tag noindex, nofollow cf-ray 7bbb2aca1e3e0414-FRA expires Thu, 30 Mar 2023 09:41:46 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	226 KB 56 KB	36ms 8ms	Script application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: services.vlitag.com URL: https://services.vlitag.com/adv1/?q=8e6637b4f4f57cc6ca9a8b8db5bcdcb1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:15:15 GMT content-encoding gzip via 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront) last-modified Wed, 19 Apr 2023 20:25:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA2-C1 age 1286 x-amz-server-side-encryption AES256 etag W/"d0373f28cbce103f094bc2631a9c8dd5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id vIGhka7VxUl_FiO54Kb67kuaG66XFDSAf5OPE_BruCcWZACKwcStHA==
GET H2	200	748f62f3b3364158e1d2754ed21baa58_glamour_460x345.jpg galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/ Frame 89E4	29 KB 29 KB	35ms 7ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn1.awemdia.com/ff268cab8d9fbae1ed7506f97496274f17/748f62f3b3364158e1d2754ed21baa58_glamour_460x345.jpg?cno=b98a Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash d6ea39964e0a609599f1f0504ff3367a387e26f2dc02ac8025a5c8b526371c02 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT x-content-type-options nosniff last-modified Mon, 17 Apr 2023 20:19:31 GMT server unknown etag "cfd5aa32d46afe35756950f12fd390c1" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 29417 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	d67f0d012e1a802ac561f541a2c62aa3_glamour_460x345.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame 89E4	21 KB 22 KB	27ms 6ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/d67f0d012e1a802ac561f541a2c62aa3_glamour_460x345.jpg?cno=d163 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 292f1a4e07344fc401c6895b2aebc055617338c008669f1c029ef6642568fee7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT x-content-type-options nosniff last-modified Thu, 06 Apr 2023 06:55:41 GMT server unknown etag "8b313703be0435a7007a555c30da67b0" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 21683 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	c90af09ce916946e244e8277b5c81049_glamour_460x345.jpg galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame 89E4	35 KB 36 KB	35ms 7ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn3.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/c90af09ce916946e244e8277b5c81049_glamour_460x345.jpg?cno=1e12 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3da41cc4bd191ef1f26e501c14e82a3b7624f34c26d3725d2a583eb108dc70db Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT x-content-type-options nosniff last-modified Sun, 26 Feb 2023 04:46:11 GMT server unknown etag "e59e3a970010b3b8ba77013edbc971e8" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 36239 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	b51d76c94eebee3365518633e096f40c_glamour_460x345.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 89E4	18 KB 19 KB	36ms 15ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/b51d76c94eebee3365518633e096f40c_glamour_460x345.jpg?cno=d549 Requested by Host: pt.protoawe.com URL: https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash d17df3705b7ce756f26bfebadafd7c4769110c3ced78faf8a7cd1c0b5766cdb8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-cdn-node defra date Sat, 22 Apr 2023 04:36:40 GMT x-content-type-options nosniff last-modified Sun, 05 Feb 2023 14:25:28 GMT server unknown etag "b9be49395b5116f85e1e507faa8124ae" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * x-cache-source Origin cache-control max-age=1209600 x-real-source - accept-ranges bytes content-length 18800 expires Sat, 06 May 2023 04:36:40 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	24ms 7ms	XHR application/javascript	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH content-encoding gzip via 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront) date Fri, 21 Apr 2023 20:21:08 GMT x-amz-cf-pop FRA2-C1 age 64556 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 13 Apr 2023 22:29:11 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id qNYucMwpk--OG09hsFoNDEJNmZiLdR_KLLAB7r9cx-qYDHLKLx_Ggg==
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 89E4	49 KB 20 KB	122ms 37ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 22 Apr 2023 04:35:44 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 56 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Sat, 22 Apr 2023 06:35:44 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/	398 KB 124 KB	114ms 35ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js?cb=31074053 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 21:24:40 GMT content-encoding br x-content-type-options nosniff age 25921 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126571 x-xss-protection 0 server cafe etag 16530882680372410927 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 20 Apr 2024 21:24:40 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	28 B 574 B	154ms 72ms	XHR application/json	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibb.co Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c1c7a23390293d0ffeed4e1affd2ddae7eb2a2548fb76a8fd884d84e547e0464 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32 x-xss-protection 0 expires Sat, 22 Apr 2023 04:36:41 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 302 B	7ms 7ms	XHR text/plain	13.224.192.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fibb.co&pubid=9cf0c4f1-7630-476b-9141-f4472e005192 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.192.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-192-181.fra2.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 03:08:45 GMT via 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA2-C1 age 5274 x-cache Hit from cloudfront access-control-allow-origin https://ibb.co cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id -BnwXcjVaVvdxwmAXFvu0bYgRDdLbz1q6KiHWKZmm34d8d36yfPQjQ==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	34ms 17ms	XHR application/json	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230422 Requested by Host: assets.vlitag.com URL: https://assets.vlitag.com/prebid/default/prebid-7.34.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a4c225e3059c9ec1712ed6c4154c0f79985402dffb38a938d6581cad5946889 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ibb.co/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 Apr 2023 04:36:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2141 x-jsd-version 1.0.1683 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-bma1647-BMA x-jsd-version-type version server cloudflare etag W/"63c-0AfnNtxWGDTJjeyoJD9A+sRE8aw" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP3mcG%2Bfv3ubqWx78%2BI%2F5uKmfOojv04rF0wng%2BR3inbT%2BK%2FQc6siBQdXPQi0c4W%2B2NeMz0%2FIrXuTqu91%2BMsSvzwg9OVmuk3Gtg%2FCURXsxFR9gTyhB8c3bL06qRluZTHQuvfYerZL7rXD1EXio%2B8%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7bbb2acbda95901e-FRA
GET H2	200	1572962830.jpg assets.vlitag.com/widget/2019/11/05/	192 KB 192 KB	28ms 28ms	Image image/jpeg	2606:4700:10::6816:3ac7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:40 GMT x-content-type-options nosniff cf-cache-status HIT age 1970686 cf-polished degrade=85, origSize=227959, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 196267 x-xss-protection 1; mode=block cf-bgj imgq:85,h2pri last-modified Tue, 05 Nov 2019 14:07:11 GMT server cloudflare etag "5dc1820f-37a77" vary Accept-Encoding content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes x-robots-tag noindex, nofollow cf-ray 7bbb2acbe8400414-FRA expires Thu, 30 Mar 2023 09:41:47 GMT
GET H3	206	videoplayback r5---sn-5hne6nzd.googlevideo.com/ Redirect Chain https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y https://redirector.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C137%2C... https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C...	301 KB 0	89ms 15ms	Media video/mp4	2a00:1450:400e:13::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=OMj-e95DmZgdwt4I_wLJBIcM&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=fzdXWJZDo4gg4BOy_&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALEcbMm4zldMOEaz0mmnhhVs29XSZe9a7zeqfSHVzEi4AiEAvwsqaWsnGOcm5hFSuRYaUNx3cn2m6Ou0yw3t4cjC_Ho%3D&cms_redirect=yes&mh=3a&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzd&ms=au&mt=1682137764&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfaCe1D-GR8Fh81bFTO6zyJSJ0T6tJ_R-3oLkX_h-_gAIhALUhR7K0_w3hNPeoBH9GIu0MfqcpCuhoWcJkNeCXi9tr Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H3 Server 2a00:1450:400e:13::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers client-protocol quic date Sat, 22 Apr 2023 04:36:41 GMT x-restrict-formats-hint None x-content-type-options nosniff last-modified Sat, 11 Feb 2023 16:00:34 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-30541470/30541471 cache-control private, max-age=9870 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 30541471 expires Sat, 22 Apr 2023 04:36:41 GMT Redirect headers pragma no-cache date Sat, 22 Apr 2023 04:36:41 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r5---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1682148371&ei=szdDZP-MCveRsfIPnrGiwAo&ip=184.164.141.146&id=o-AAmnbKPYyFrjMn1t2TrtpgWolxBIJD4IyioV8CdsK_Wn&itag=136&aitags=134%2C136%2C137%2C160%2C243&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=OMj-e95DmZgdwt4I_wLJBIcM&gir=yes&clen=30541471&dur=207.373&lmt=1676131234772774&keepalive=yes&fexp=24007246&c=WEB&txp=1216224&n=fzdXWJZDo4gg4BOy_&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALEcbMm4zldMOEaz0mmnhhVs29XSZe9a7zeqfSHVzEi4AiEAvwsqaWsnGOcm5hFSuRYaUNx3cn2m6Ou0yw3t4cjC_Ho%3D&cms_redirect=yes&mh=3a&mip=2a03:1b20:6:f011::6e&mm=31&mn=sn-5hne6nzd&ms=au&mt=1682137764&mv=m&mvi=5&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIfaCe1D-GR8Fh81bFTO6zyJSJ0T6tJ_R-3oLkX_h-_gAIhALUhR7K0_w3hNPeoBH9GIu0MfqcpCuhoWcJkNeCXi9tr cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 89E4	216 KB 75 KB	48ms 47ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 34fe65f449e93dabdc205f26b3dcf4e25e25f52c788d4c7c6748888b6d295873 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76888 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 22 Apr 2023 04:36:41 GMT
GET H2	200	Zs8.gif pt.protoawe.com/fzNrc/ Frame 89E4	43 B 296 B	16ms 16ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.protoawe.com/fzNrc/Zs8.gif?psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&psid=mesaction&categoryName=girl&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0&im=1 Requested by Host: ibb.co URL: https://ibb.co/hVc69zd Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.protoawe.com/cifra?psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=1&column=4&background=0&fill=0&border=0&model=0&modelColor=0&modelFill=0&wide=0&padding=8px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&psid=mesaction&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:41 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Sat, 22 Apr 2023 04:36:40 GMT
GET H2	200	push-event-counter c.usefulcontentsites.com/	43 B 488 B	148ms 132ms	Image image/gif	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.usefulcontentsites.com/push-event-counter?permission=default&domain=ibb.co Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language de-DE,de;q=0.9 Referer https://ibb.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 04:36:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-mg-request-uuid a308e301-13a5-481f-b704-b04f0c32c560 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x%2BSDluZhkC4xKmej0DWowjbF0ggQkVgVef%2F0mul46f7KSSNFgenbBWjBpLAPDYf7u5Ski%2F1zsON29TBqoTh70Zp%2BiVi%2B12VVEryWBg7SpDToni0zW%2BdRX3JljSO8SYBIDIYza8%2BC%2FhxFCdivrprgJPMQgv1yvM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, OPTIONS access-control-allow-origin https://ibb.co content-type image/gif cf-ray 7bbb2ad05d959bdc-FRA access-control-allow-headers * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400