i.ibisbudget-chateaudun.vip
2606:4700:3030::ac43:d680  Malicious Activity! Public Scan

URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Submission: On March 11 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3030::ac43:d680, located in United States and belongs to CLOUDFLARENET, US. The main domain is i.ibisbudget-chateaudun.vip.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.
This is the only time i.ibisbudget-chateaudun.vip was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests | IP Address | AS | Autonomous System
34 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
2 | 2607:f8b0:400... | 15169 | (GOOGLE)
1 | 103.224.212.220 | 133618 | (TRELLIAN-...)
2 | 2606:50c0:800... | 54113 | (FASTLY)
1 | 199.232.196.124 | 54113 | (FASTLY)
1 | 2607:f8b0:400... | 15169 | (GOOGLE)
5 | 2600:9000:251... | 16509 | (AMAZON-02)
Total: 48 requests, 8 IPs
Requests | Apex Domain | Subdomains | Transfer
34 | ibisbudget-chateaudun.vip | i.ibisbudget-chateaudun.vip | 547 KB
5 | cloudfront.net | dwmsurhf1svv8.cloudfront.net | 18 KB
2 | githubusercontent.com | user-images.githubusercontent.com (Cisco Umbrella Rank: 11479) | 82 KB
2 | gstatic.com | www.gstatic.com | 17 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34) | 837 B
1 | sbnation.com | assets.sbnation.com (Cisco Umbrella Rank: 417205) | 33 KB
1 | pinnocent.net | pinnocent.net |
0 | gosipmeme.com (Failed) | gosipmeme.com (Failed) |
Total: 48 requests, 8 domains
Requests | Domain | Requested by
34 | i.ibisbudget-chateaudun.vip | i.ibisbudget-chateaudun.vip
5 | dwmsurhf1svv8.cloudfront.net | i.ibisbudget-chateaudun.vip
2 | user-images.githubusercontent.com | i.ibisbudget-chateaudun.vip
2 | www.gstatic.com | i.ibisbudget-chateaudun.vip
1 | fonts.googleapis.com | i.ibisbudget-chateaudun.vip
1 | assets.sbnation.com | i.ibisbudget-chateaudun.vip
1 | pinnocent.net | i.ibisbudget-chateaudun.vip
0 | gosipmeme.com (Failed) | i.ibisbudget-chateaudun.vip
Total: 48 requests, 8 domains

This site contains links to these domains.

Domain
pickedlawhandshake.com
Subject | Issuer | Validity | Valid
*.ibisbudget-chateaudun.vip | GTS CA 1P5 | 2023-02-24 - 2023-05-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
worldinfo.info | R3 | 2023-02-20 - 2023-05-21 | 3 months
*.github.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-04-07 | a year
*.americanninjawarriornation.com | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-11-18 - 2023-12-20 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year

This page contains 1 frames:

Primary Page: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Frame ID: EFF408EB5B57CE4215177AD5743F56D3
Requests: 48 HTTP requests in this frame

Page Title

send a messageInstagram Followers Generator Instagram Followers GeneratorIgmessage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 48
HTTPS: 96 %
IPv6: 71 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 698 kB
Size: 1191 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request g.php
i.ibisbudget-chateaudun.vip/t/
69 KB
15 KB
Document
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70147f9f8344e07b4a1658cf5e64e8065d941a2824963419d2c849b5ec7f55aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5f87cf6bb8429e-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 11 Mar 2023 00:02:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve%2B3g7DLvRunfJvdSmIJocgN3voSMBi7KmSsOmb487aGCvgM5naAoYTMGc44cOsyEFZUTpb0uB9Rns1O4sKJRj%2BS%2F9a5givrmPKc9WoVfi2vU6ILSyCCWVoqkv6Aa%2F4CUutu%2B1SltUH%2FlzyX4CE30dwr2u2hSCbGVIc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
firebase-app.js
www.gstatic.com/firebasejs/7.14.6/
19 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.6/firebase-app.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b369e8dadd0a497d68ed1561188bdd41e0afb763fde97a5f6d4cc408a2a5c7a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 00:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6581
x-xss-protection
0
last-modified
Fri, 29 May 2020 17:38:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 00:14:01 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.14.6/
38 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.6/firebase-messaging.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0eaafdad2b5601750152ec4733e7fa3129723d599bbf2319395ae5026d5da21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 00:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10594
x-xss-protection
0
last-modified
Fri, 29 May 2020 17:38:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 00:14:01 GMT
style.css
i.ibisbudget-chateaudun.vip/t/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/css/style.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60ba52011583b63c125b5a6b4d275aa379a280191bebbe2e7e3e66344aa7260

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 14 May 2022 11:52:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"3ce3-5def76ea2ba80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjmwxQR1Qc%2FJXsoiotTV82FYnfjaCfoBXcjr7pbFeF3sxbBuliojxaJuuVNeLqDrn6ACNuuB3z4rD%2FtqtTlq3mnJWs9B7%2FcXnWv6W%2BA5ShudeQ774iLY5HjEIsN7R6iTqI%2FlcLB3a3ofIJHyd4rnuRGYTfqjvRmMsvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0dd5d429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook.css
i.ibisbudget-chateaudun.vip/t/css/login/
3 KB
977 B
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/css/login/facebook.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e99b2c15dfbe48d437a2c7c3fde1b57e1b0e6bbaafc377dfb2ce2cdb7ecd38f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"c4d-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL78hk1Di1dcJfleNyWUGz%2B0Q9I%2F2vcN%2F5k%2Bo3d2pXjjHwDdEwxi%2FNjTYg9YxuWJALionHvsbsUZyww9lTb2omV8OdbXuQtBbyGnGojSOzY%2BlOAwj4hHvObDIxds4d9d%2FkcflMpKLOcLY5%2FrjOGvbtTlCkRjYqlNVio%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0dd5e429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twitter.css
i.ibisbudget-chateaudun.vip/t/css/login/
2 KB
899 B
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/css/login/twitter.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096419a5c82a883441ece55e606bf1f9c4c8c7d8679549d70610a46691cd1cb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
W/"72b-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUh8IiRa4ymEuUaTtKPalv49ZOc1Wh0uJq%2BHxhu9kRV6GQA5tH0mNGhZ3YSu7ehQY4KONUC2aUa9C9Ixh0CrKMsVJcSmewZhlrt8utbtKi78gF%2Fy2k4%2FygLldz%2BGLKxgYzxb8IXgKEnF9xBXp5kTpIWsDW645ZE6Ccg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0ed5f429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
google.css
i.ibisbudget-chateaudun.vip/t/css/login/
4 KB
1 KB
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/css/login/google.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72966ab7fde173c7cd05512c9fd63517cf99be1f548520d7e5334fc0630c8a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"110f-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtnzDseVgB4cxK8Et6w8GG7ml6U2gwB1Nu3tLQ7w9NWYu%2BPA9Pss%2BlBXWvQFkMxWnDUB8zSmLfdVhpjtufZNaBI3a9orFIZMSKMi7643ZWQ3riR3F0qwxP0Lnag%2FAFMeMzW8QA15V12ujVMf9bCjxXO7Dg3XdM7CxIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0ed60429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
animate.css
i.ibisbudget-chateaudun.vip/t/css/
76 KB
5 KB
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/css/animate.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5911
etag
W/"13053-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RKJCJjCIGSlc3pjyY3pfcStA9L6pAoWG4%2BO1DemRswuD2Odmj9rVqbsjvByt8ioBUyzyqQuBj2JnMJnZ5DYr6rpkxh8AIGkqh2XwiKJlnQOhf0ZDD3rLzKysHGjONJa4RfHyXVkmVpD%2FVsw4AxTh7YsAkm91xSlAQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0ed61429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
material-design-iconic-font.css
i.ibisbudget-chateaudun.vip/t/ajax/libs/material-design-iconic-font/2-2-0/css/
83 KB
8 KB
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/ajax/libs/material-design-iconic-font/2-2-0/css/material-design-iconic-font.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400e3b7d16ea344a35ff2f0d0fd489643e9fe1260995265c17ca5f49186bde9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5911
etag
W/"14d1f-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mztsu4SPm5ZRqDKAfZRdEo5oVvjGCqnXfZUojzlpWfMn5P8nDSG4j599Slt%2FmOGQ451vvJLZpZP0TOXTGIUsT07sPd1C6VQL95Jbrld0yhy2PD4W%2Fm680IpYoyyp3%2F9HTbQKPkyx5Imb9D2s%2FpGktPnBGzqBJbzC8dM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a5f87d0ed62429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
i.ibisbudget-chateaudun.vip/t/font-awesome/4-7-0/css/
0
0
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/font-awesome/4-7-0/css/font-awesome.min.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFBD8s25X1%2Bg%2BJBQo8LrqId3B8eBnOvJT1RualGBu280K8Ux%2FoPGTWmT326MA2Kh0D8tS5DKU6rCk%2FM%2FZ39IZqpo4oTTVQMSdbZ7zs8%2Fr101hheKEwyztXgbROVIEMfbwDQ8oOLusJX1RnGiYKEfkGYcAbrkoy1ivPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d0ed65429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bundle.min.js
i.ibisbudget-chateaudun.vip/t/browser.sentry-cdn.com/6.4.1/
0
0
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/browser.sentry-cdn.com/6.4.1/bundle.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
Origin
https://i.ibisbudget-chateaudun.vip
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QecY9cuqU3%2FxmkKPAHlXmSZGtXphqs1Xhd4a7FY6BuPkaojA8vI2RQDZzO5kvgcY7IqtZGbsKfu3yMAAgUVg55cMt%2BY1o%2BKzRSUw43zmoPnKuxzqUT39FYLM0%2BBPvaPjV5ZePFXqx2iMe6G9ocAgML8CpNAdMnBHA%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d0ed66429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1610818123b298bd56d5920c580e4b88eacbdd5b2e.png
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
121 KB
122 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/1610818123b298bd56d5920c580e4b88eacbdd5b2e.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a0779884a0a780c70351f5568e7f29c3fe70eff1264708c9a82c864c26dbde

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Sat, 19 Nov 2022 13:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
"1e4c0-5edd293e92b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqLEZm0%2BTn7BhXBA%2FRp6O%2BDYeXhKegALSMReCHpABW8AEBzfXMuhDGq%2BjnSrEZfjWBWTOG6wDW1QDlqZbwkX3T7xM2hp6rkvHRvpLIE3Shiz7ajFZDhsvQHZ0bHhqEFNOxXJiIKzJOc3K7sGGl0JesYo9P8hWgzBVno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d98429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
124096
16361995774d2af7290e6da427a774dffad963eec0.png
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
9 KB
9 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/16361995774d2af7290e6da427a774dffad963eec0.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ad0eff2bf480bfe14b99303a49244602cc007afa86bdd5f0a75bb6157f48da

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
"23b1-5edc76a955680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNEAuox%2FTkOxnCYMWorwuG8U9Cd5waGOEdZMvgij58U%2FM09FRAjupU1n1biazcKYwPvkuGcjAjD4rmbP04XfEgOOablwNlHdak%2F1uBeTw%2FhG%2BLj%2Fb%2F%2FZbZ3PKKi3JUzkLIkrTHi2r1Hp4g%2BTw8ioIfYJZN1p2KRFw0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d99429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9137
1636471537cc9c306f7c389c185189bf3daf7260c1.png
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
69 KB
69 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/1636471537cc9c306f7c389c185189bf3daf7260c1.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59b05fd8cb982e4eb8b2b6b633dab1c55780ee4767e2f32f7bf0f694e1e8db3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5924
etag
"11247-5edc76a955680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAOEZchCjD5%2FMDS02I0Laq6iFGnLbn0Pz%2FESNxVo7ejKVCFTVa81kVva0yv9E90lmzyzr0HWv6zSfAVSXs94wuzhl0EE2lgHUwHTi%2FpqKkBm6ik94KKmVrMZbO61nnQeuAaB003o9TK5dflWUJ7MGCJneffQGKgDvf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d9a429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70215
1636472786ee1905a53e0b903bb72600a288d20d03.png
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
48 KB
48 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/1636472786ee1905a53e0b903bb72600a288d20d03.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c75e2e71a9b6ca2bd024f7cb0d5c13ebb53f1a1c319d3fdbbfaf79ab24c1a3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
"bfeb-5edc76a955680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wx%2FMv4zevXN2Nxvwa4bbTUsKFwBAPaekc6kktLQDIK8PL%2FKtGn4%2B79Igs4IVVmzCFR64UI1ax944P%2FXECFdpF5BNXEwuZ%2FAHnyRBemQNWlJtNTbdD7vpVRqEyDrdCCHVZzJfRc4xR6uJijSQ3wW%2FiCea%2FRAMv%2BWeRdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d9c429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49131
1635653021ac61a7aa31f58b94c30339f142fa4242.png
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
16 KB
16 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/1635653021ac61a7aa31f58b94c30339f142fa4242.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33339f3bc6836ed71dfd3e10d149b673d1f3fdc4f8bbc46226e04d43b4702ee7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
"3fcf-5edc76a955680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZ8yshcfV8yqFdhJjQS0BB2pKX4Noab0jIgw347YN2920WtjCH66Vrt%2BF5h59hvLiEUS7uBltWaGgDTLIpS%2BcCVLlcRwryWWVNUhCXw6IqxXI6p5InM1DU0%2Bu4HtmuSUiic%2Bo0dJ3iBLmsE40vyta2Js%2B3LikyqaEzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d9d429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16335
163542468278c021e06cc778d4aef36f80e47413a2.gif
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
49 KB
50 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/163542468278c021e06cc778d4aef36f80e47413a2.gif
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c932bbb1439415184a6a2fa36b2a251d4eecaee2eef0bf954f78fe4e5f768780

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
"c59b-5edc76a955680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9R60eicFx81WvraWMx%2B8sXnFxN3wEXdA63q748xjzMDtB%2BBdmz2KIEiFS2617Fl5Pzoc4nhvXR%2BCarYILIeulTqpInUwAb53v4%2Bc8JkPXONoaEmkfGGYSu6Ne3LbHMUAJ4EiPJSF%2F%2FH834RJmvsbuICyyq6Zt%2BC1kU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d10d9e429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50587
jquery.min.js
i.ibisbudget-chateaudun.vip/t/ajax.googleapis.com/ajax/libs/jquery/2.2.4/
0
0
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QO6DNhto2VikvbK8H5hB3BXrKRHqiyoqMV5F6y9g5uRQmzqaToFoDJgmUwDIqadqvXYCnnZJqrrpQWIuQLDhkIRqwSabrso%2FPCmskYVjB%2F5F3DcjkkLs9WGiV6k22UIeb5WxQnEX0lI1c4PfqvhQueNpSjDF%2F576Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d0ed68429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aa1cfab.js
i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/
23 KB
7 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 23:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5922
etag
W/"5d85-5edc76a955680-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRMmt0cvadziIWx68bwXDjhLFIvSoUzLb%2BMw6DiWNEdYSExfba9geyfy7XVlvbaQw1avAR7Eis6nW7O9uyhWUw55pNtRSGZSkOt85qLHiTg4pITIIpHc%2ByHfkxYjVIiLAdtstqdfZUn%2BV5gw4IvNlk4kTuLctCgtdOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d0ed69429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popup.js
i.ibisbudget-chateaudun.vip/t/js/
787 B
703 B
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/js/popup.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3bcbf97b3d16dec394f828e9693103777d60d6953d3de048b49c8c6bbb38b72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"313-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bgr41j04YLx5dWsVQooeLzfbY%2F7JyY0%2BsB3ron0wch54iwCVJAajinwKegcYm4nxEF3VWMYko2l7WADW3kvtpfpGKHZS1F1S30q5bxTKZhPDutCmeT5EitWweR5OchQffaTRpNuLburJjIa82UxAuzNBCmwv6h3hwEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d88429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fblogo.png
pinnocent.net/image/
0
0
Image
General
Full URL
https://pinnocent.net/image/fblogo.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.212.220 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-212-220.above.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

102179431-fa774a80-3e5b-11eb-9aa3-169f4b9a2f03.png
user-images.githubusercontent.com/49580304/
78 KB
78 KB
Image
General
Full URL
https://user-images.githubusercontent.com/49580304/102179431-fa774a80-3e5b-11eb-9aa3-169f4b9a2f03.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-fastly-request-id
193647b1193b10a49df3a5e49f73f34f9313f69d
date
Sat, 11 Mar 2023 00:02:46 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
912326
x-cache
HIT
content-length
79439
x-served-by
cache-ewr18133-EWR
last-modified
Tue, 15 Dec 2020 06:30:35 GMT
server
GitHub Cloud
x-timer
S1678492967.607850,VS0,VE1
etag
"84669eb4301059aa602096c83a13e15f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
1
styles.css
i.ibisbudget-chateaudun.vip/t/
0
0
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/styles.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Alx%2FTnVWVjzPRf22%2FANe3vGojEaTbt2RrkbSBIUY3krGgZUGnPG74K5e0uE6gXi%2BbuLxXVYmGcj7YOQAcK1%2Fh5Ffm5YU0PgKlOy%2Bjr8vwpPqHNg2GI%2BzkREtz8AEWuO8JBUk%2BnJj3XapRgqC9c3EtXEC%2BYwHAIiwqqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d10d8a429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normalize.css
i.ibisbudget-chateaudun.vip/shared/
0
0
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/shared/normalize.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW133VGj3UlC6gvBpUAsOO2%2F36zaJqNGN6uSZ6QPvuea1XkGXJoMlw0C%2BMQkwFmBj66Wbhokj8N6Y6hoxLwfd34i0n4HzbTJkeA4kS89kMDvrjEvjDNOSVP5aP9hTufE%2FBpRugaWbJ0NtyZnvhUENT3GGQT9I3lZGlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d10d8b429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
additional.css
i.ibisbudget-chateaudun.vip/shared/
0
0
Stylesheet
General
Full URL
https://i.ibisbudget-chateaudun.vip/shared/additional.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aRUjHms0dZEbU2mf5DVHrEmUDbmejW4M2SdvqgS9F809EYejoEPF59oMDw0gUqCeYCZRVr18gDYhHgAdXGPnTjb%2FOK26i02eGqEQ43UULgUve1bI35rEWrk3d3nAQA0WXbJppUGcq%2BOhTGhtPW%2BJ%2B7j%2BRxOHdlXtMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d10d8c429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ku-xlarge.gif
assets.sbnation.com/assets/2584787/
32 KB
33 KB
Image
General
Full URL
https://assets.sbnation.com/assets/2584787/ku-xlarge.gif
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce8ec166c053a082ef6805bea17fd0ff096fac0b2ade44e77931d87c252a767b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
x-amz-request-id
FX5JGDSPXMMHN005
age
3079
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
32937
x-amz-id-2
a3xCs8rhlINunGzEr3+TL4p1Dm1YEEs0v8w5DBY9rNJTAoyi1I3NEv3wrKls5zZsO5VPH9dbS8w=
x-served-by
cache-yyz4531-YYZ
last-modified
Mon, 06 May 2013 08:27:02 GMT
server
AmazonS3
x-timer
S1678492967.584675,VS0,VE1
etag
"c3c8e31e80e3fa686d5ecad7b51478db"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
102179592-44f8c700-3e5c-11eb-9756-e98e6f4c582c.png
user-images.githubusercontent.com/49580304/
4 KB
4 KB
Image
General
Full URL
https://user-images.githubusercontent.com/49580304/102179592-44f8c700-3e5c-11eb-9756-e98e6f4c582c.png
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-fastly-request-id
6543e59693a9647e8b8f1d37a09a174ff07b6e33
date
Sat, 11 Mar 2023 00:02:46 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
223700
x-cache
HIT
content-length
4298
x-served-by
cache-ewr18133-EWR
last-modified
Tue, 15 Dec 2020 06:32:40 GMT
server
GitHub Cloud
x-timer
S1678492967.608932,VS0,VE1
etag
"fef946b8bba756359e2a1e87ccd915ea"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
1
jquery-1.10.2.min.js
i.ibisbudget-chateaudun.vip/t/
0
0
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/jquery-1.10.2.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCooxPr2jTVehhrb9VmgP2IZr%2BSoOqyOQtRrc8dxrp3BYLqK9oa9Z9xl8os6vhtiHPr%2FTBg084%2B1YU66xBYCQvO4zqOiRTU4Vq8oN1P7NX9MwzTAfBHRXZ2Me6xDdXfAe%2FtYcKR1g0cEijWMACQmuUYwhHJ%2B4D8xZ40%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d10d8d429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
i.ibisbudget-chateaudun.vip/t/ajax/libs/jquery/2-1-1/
82 KB
30 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/ajax/libs/jquery/2-1-1/jquery.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
W/"14915-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0fpI0o2CwevHoz07L24Y7ktMuvCr%2Byvt7SmIey2wCLTVFVTm2qBCuEDg%2BsDdkflIn0ztxhRKh2ST6a8KwscGO3sCiBPWgIDM6uSw86ivrNQ%2FDpn42ZBmfr1Q9xE621gccTtje9t26xR9nScC7XSnnmEV2QQXU1Pev0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d8e429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
i.ibisbudget-chateaudun.vip/t/ajax/libs/jquery/2-1-3/
82 KB
30 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/ajax/libs/jquery/2-1-3/jquery.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
W/"14960-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2RVqtQwHONMhWAZ6VqUBc%2Fyy4PlOOUfuw891%2BDDk9w1AZ0xNM1O%2FVZEuQys41nMnAgth7oNc3iMHGu3rMniA2U%2BF%2FxeOoZ%2B6ZLObyMx3XFRPJl5sKgw9V6eFUY4yMSU3RWRTu8eLpATBxZ8rAlTkkzCkgLwBoGXSOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d90429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tab.js
i.ibisbudget-chateaudun.vip/t/js/
651 B
618 B
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/js/tab.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540026665ffdea5632b232fa0186d4af1c02c0efa9ccff9cde261e1f5c390a65

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 00:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5919
etag
W/"28b-5d67129a6d080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F1eKhIFULRDdw0OD5L39LI0GZhlX0s7r61lKTBPUvYaASiNnd%2BxewBKmHqEsHHA89UFTIp73fZhpDLlP2yizdxfdAS3CajA0y87LSwdh7NtNDP7WgBSc39IEMkPE5ZOpPtqB%2F6AJbTzQJMd7L5fSIIe1GPWDHf%2BZWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d91429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
i.ibisbudget-chateaudun.vip/t/assets/js/core/
85 KB
31 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/assets/js/core/jquery.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 14:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5917
etag
W/"1538f-5d618170f6f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBsRJbj7hRIvwCR%2F1dya6yYbd%2BsRYCd2g589FTdoJhhAMhaeoyl1rs7j9Td03y%2FP40wB%2BElerd3ZxZrrkuqKx6TqaUcDos9t8iBor0j%2BVGWzm67evNCnPyQTh6Ao2tuPpBnAM8MMeBtp%2BIMnjF70MjmQBGiqpuEluOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d92429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.js
i.ibisbudget-chateaudun.vip/t/assets/js/core/
57 KB
16 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/assets/js/core/bootstrap.min.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 14:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"e2d9-5d618170f6f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lfYpucBmyEYKqSOFvtPStkS2NLAN2jo3oaQxAvRa4dvVudtMX1Uw1dcEBixj4A4KVuHC3A785%2B4ssC9uD%2Bo55a%2B1W%2B6i5RYBOzy5%2BNcWrp3wv9y9DN%2FTOhdht7M00oYyDknA5AYHJPBcRzfCXdB5S9W56cX2S4R0iE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d93429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
now-ui-kit.js
i.ibisbudget-chateaudun.vip/t/assets/js/
8 KB
2 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/assets/js/now-ui-kit.js?v=1.3.0
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a9ae6160115944b0703e309a7360767e28cca0c16670ca7a2ff6e5c970149f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 14:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5915
etag
W/"1ea9-5d618170f6f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9zDzcfX1vBCqObgSQGXKhqj2OEXxIE2Joc5gOtyQ%2FS2YwZ5CWu9ykAb8w3L8RzyP%2Bvvj5HZ3EAN30PuN%2BM3JrrwVqgrTI7z94qxRACmb833PArxYJbhmccdYH6X3e5GxdUOFDWyosrcJu46iL4LKNv2TOHJIgygQP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d94429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
back.js
i.ibisbudget-chateaudun.vip/t/
289 B
707 B
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/back.js?1663861262
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019028a4bac0bba6b0f3a60a4ac2d28eeeb9c81fa29eb3bbaeadb1f423431510

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 15:41:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"121-5e945e37a1f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQyq9hxIpf2%2BoizCWrFwMH6v86Lr6F0c25KXm2Jjhl2FaNkmxTyg9IKgbW8Nn06%2ByKCrLwUgZocWbF46qAahhYgY9x35fk%2BKhjgOoOGGyKqghQ2yTbKKFiVvmnrFF83Is0VfkojRm2cTvbG84k47EsN93qO%2FK3LKqq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d95429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
now-ui-kit.js
i.ibisbudget-chateaudun.vip/t/assets/js/
8 KB
2 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/assets/js/now-ui-kit.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a9ae6160115944b0703e309a7360767e28cca0c16670ca7a2ff6e5c970149f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 14:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3682
etag
W/"1ea9-5d618170f6f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj7O8vJgJnP0vme63b7oogc26T7b4q0dysuBzvfNdYrJG2f8glBxclXAPo6AqDUqbdFSWbnjPHAJjZD%2BWvRujWIgRso%2Fdmxyr4w0FqqUbWfe82Z4O8TX5%2BUxDm14v7bM8%2By600nOZ1mSo0pHXxyTp4EV6t6PLYZg6%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d96429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
anonymous.js
i.ibisbudget-chateaudun.vip/t/assets/js/
17 KB
3 KB
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/assets/js/anonymous.js?1663872927
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e553c511a76374a76f8c93efe74fb6093b58aabb2d0e0a8569963b076c915e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 18:55:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3683
etag
W/"45fb-5e9489ac3e5c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZVSG%2B6YMbc2KIp40cxFJ%2FiZNO98oSXSEBrVZal%2FYmyzS5%2FnEZ4k1gHqyw6B8SzhCaAUCP4ob9eq%2B3TSVzwOjRcwLQaBR8dgcHQ3n0Sw8sso36apGLIi4uwaav%2Fx3Dm%2FkXBvw%2FpnUznq3viawI8SKEGXfQWkpfS2PTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a5f87d10d97429e-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
1 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Teko&display=swap
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0350bdc3ce4d387d99d9c66c6aa8550ba6e62427584fa6fd2bdb74532daf77c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 Mar 2023 00:02:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Mar 2023 00:02:46 GMT
analytics.js
i.ibisbudget-chateaudun.vip/t/www.google-analytics.com/
0
0
Script
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/www.google-analytics.com/analytics.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfwuiXbS6wk%2BZFrdOFMoykYbHnnJ7KLncTiFpG%2B6L9OPNzFFYrQi6KjMgxIDj5S0v8h2BTcI8ubyrx30sSgVUhffVbkzZD5bGiBHVA7Sx1iIw52JBJCg9pXU7NIIYtCNcmQV%2Bk1BhUZW3%2BKzvAR41NrVfil6JIjWPgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7a5f87d23a3a4375-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1638888285b91b6c227628b8cceac6f34770039923.jpg
i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/
4 KB
5 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/d13pxqgp3ixdbh.cloudfront.net/uploads/1638888285b91b6c227628b8cceac6f34770039923.jpg
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0210445f70ba59921e95ac78b70f3780d1dd74a956678e32c2213ef8d84b12c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
cf-cache-status
HIT
last-modified
Sat, 19 Nov 2022 12:25:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20
etag
"11ca-5edd1eb3acb80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc13YyaKYU0X0fjcq3%2FL1FwhkD0kn17LnyB9anRnB1t238Yb49Wvf2IpFH9tIGRJwTk3wnU41GCePhGZOfDtXBsUUyL%2BKJI35hB9n1jVOkU7YJfdaPVFyU5oTCbv85Zi3TpJZikONg4fSAcKwZ4AekwujB3%2BNAdGXq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a5f87d24a474375-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4554
g.php
i.ibisbudget-chateaudun.vip/t/
69 KB
69 KB
Image
General
Full URL
https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/g.php?ref=3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Fdl7jX94slUqLZcDEWMQk3WVrLNIkVQ5SDDjypiAr%2F6ej7t10T6WfFta4ur8Hu%2F1rSIa4bXK9P6OQ5VSJKziPQjmQ15lfvdK3nTsBMIVSvZqb%2F6bAUzVyoMwwBZnOMJ60%2BLCmzOUEqcKuGiH9STLdgVtNp%2BNrspiS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7a5f87d25a554375-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
html.2177214.1ede7.0.js
dwmsurhf1svv8.cloudfront.net/public/external/v2/
9 KB
10 KB
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2177214.1ede7.0.js
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
2b1580e2181561ae7e255fa8a42e42dcdfcccc2e64634268e573b85204d5ddf2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:47 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
kMo2OMxOsrZtKvnK0OBtHBZd_9flaEg1_t4xfpHLYJ7nIQUsWSGEmA==
css_front.css
dwmsurhf1svv8.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/css_front.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:47 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
35ob8XElipe86qpkkvEANEnTiCNKN2TLZuc4ediQbHvHWirL96cO0A==
click.mp3
gosipmeme.com/sound/
0
0

connected.mp3
gosipmeme.com/sound/
0
0

css.css
dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:47 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
4a4GC1yvIKyfzps1Vnq7NcScZS3bWqYNOvc-qFURqvIsS1MX6uogzQ==
guid
dwmsurhf1svv8.cloudfront.net/public/
0
278 B
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=2msepaxxq&e=ll&t=1678492967765
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:47 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
pf5lG3aQUCfMCB1vnRD8zogfHRUrUvt9VKvULz4VFgPAFtCPqy7HEQ==
check.php
dwmsurhf1svv8.cloudfront.net/public/external/
78 B
371 B
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2177214&time=1678492969279
Requested by
Host: i.ibisbudget-chateaudun.vip
URL: https://i.ibisbudget-chateaudun.vip/t/d12u7tum9sda5e.cloudfront.net/aa1cfab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 00:02:49 GMT
via
1.1 e4139980c923137f619eb979df36e416.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK50-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
xV2H0uKjnUmyVnXXoVCcYXkBAyI05ma4lJahgxM6DWoe6ssY_U2a3A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gosipmeme.com
URL
https://gosipmeme.com/sound/click.mp3
Domain
gosipmeme.com
URL
https://gosipmeme.com/sound/connected.mp3

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| firebase
object| firebaseConfig
function| IntitalizeFireBaseMessaging
object| video
object| btn
function| myFunction
string| GoogleAnalyticsObject
function| ga
object| CPABUILDSETTINGS
string| forward
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
object| audioclick
object| audiolaststep
object| audiopoinrunning
object| audioselected
object| audiosDiamondscess
number| gemsvalue
function| gemsAmountSelected
function| proStep1
function| proStep2
function| myFunHideSearching
function| myFunHideUserFound
function| myFunNext
function| buka
function| open_reward_confirmation
function| open_account_login
function| open_facebook_login
function| open_twitter_login
function| close_reward_confirmation
function| close_account_login
function| close_facebook_login
function| close_twitter_login
function| $
function| jQuery
function| openRewards
object| bootstrap
boolean| transparent
object| big_image
boolean| transparentDemo
boolean| fixedTop
undefined| navbar_initialized
boolean| backgroundOrange
boolean| toggle_initialized
object| nowuiKit
object| $navbar
number| scroll_distance
undefined| oVal
function| debounce
object| nowuiKitDemo
function| anonymousURL
function| fetchLoginDetails
function| fetchData
function| myCopy

1 Cookies

Domain/Path Name / Value
i.ibisbudget-chateaudun.vip/ Name: _cpguid
Value: 2msepaxxq

11 Console Messages

Source Level URL
Text
network error URL: https://i.ibisbudget-chateaudun.vip/t/font-awesome/4-7-0/css/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/t/browser.sentry-cdn.com/6.4.1/bundle.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/t/ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/shared/normalize.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/t/styles.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/shared/additional.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/t/jquery-1.10.2.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibisbudget-chateaudun.vip/t/www.google-analytics.com/analytics.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gosipmeme.com/sound/click.mp3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gosipmeme.com/sound/connected.mp3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://pinnocent.net/image/fblogo.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
