buka.site Open in urlscan Pro
2606:4700:3032::ac43:8247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buka.site/id/f-me?f=Linda
Submission: On October 27 via manual (October 27th 2020, 10:19:14 am UTC) from MY

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3032::ac43:8247, located in United States and belongs to CLOUDFLARENET, US. The main domain is buka.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.

This is the only time buka.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3032::ac43:8247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
5	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
54	11

24 2606:4700:3032::ac43:8247 (United States)

ASN13335 (CLOUDFLARENET, US)

buka.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	buka.site buka.site	399 KB
11	googlesyndication.com pagead2.googlesyndication.com 880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com tpc.googlesyndication.com	238 KB
7	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	125 KB
5	ampproject.org cdn.ampproject.org	98 KB
3	google.com 1 redirects adservice.google.com www.google.com	946 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	832 B
1	googleadservices.com partner.googleadservices.com	404 B
54	9

	Domain	Requested by
24	buka.site	buka.site
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com buka.site
5	pagead2.googlesyndication.com	buka.site pagead2.googlesyndication.com
4	securepubads.g.doubleclick.net	buka.site securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com buka.site
2	www.google.com	1 redirects buka.site
2	www.google-analytics.com	buka.site www.google-analytics.com
1	880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
54	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://buka.site/id/f-me?f=Linda
Frame ID: 79AF1370732A49B66AC742FA23DDA0C0
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: CAB9A896ABAC553FB8F4A4DE4A5B3015
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7567244753653428&output=html&adk=1812271804&adf=3025194257&lmt=1603793936&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbuka.site%2Fid%2Ff-me%3Ff%3DLinda%23&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603793936512&bpp=14&bdt=171&idt=82&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7757813986688&frm=20&pv=2&ga_vid=614956013.1603793936&ga_sid=1603793937&ga_hid=295597459&ga_fc=0&iag=0&icsg=9349887&dssz=23&mdo=0&mso=0&u_tz=60&u_his=12&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44730557&oid=3&pvsid=895916767295435&pem=295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
Frame ID: 1C9D1484BFE96A8FD22497B43F8F6742
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: AB9C6CDE44035BF76A02336C5D20830A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.mjs
Frame ID: 0B8607036B4E2CC602452CBF38165EEE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

54
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

908 kB
Transfer

1802 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request f-me Show response
buka.site/id/ 39 KB
7 KB 71ms
37ms Document
text/html 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70140b2449f271b09b7ccaa696ae2778db3d79c35bc95cbfb35905cc648e4cc

Request headers

:method: GET
:authority: buka.site
:scheme: https
:path: /id/f-me?f=Linda
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 10:18:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df617dbf7fc72e7089f3964d13f4a36501603793936; expires=Thu, 26-Nov-20 10:18:56 GMT; path=/; domain=.buka.site; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6Ikd6WHJSd0ZTZmJNMk5MYUZtZ05JaXc9PSIsInZhbHVlIjoiRWRtWDQxQ251Y1IwMCtnNWJ1T0U2czljemxET0RoNlBNd0Q2TXNyN0x2MUc5Q1JSaGxYSmpPN05PMGxLS1FzXC8iLCJtYWMiOiI3ZWMzOWNhMGNlZjNmZDQyZTgzMWMzODhlOTBkYWMzODNlYmQ5NTMzMmNmOWU0M2I2ODA3OWQ5YWE3ZDE2ZTFmIn0%3D; expires=Tue, 27-Oct-2020 12:18:05 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Im90YUt3XC9veVJUUU92KzZlMFNZNDRBPT0iLCJ2YWx1ZSI6ImJIUFBSMnVZZVlGQVZQYUxQaUlaSk00cFhac2xFMFR1dHV5YjlTZUVYRHo1RXFoN3RNRnR3a3I0blRFSzhZYzIiLCJtYWMiOiJmZDI3YTg5MGU3ODNhNmNmMDRkM2IyNTM1Y2JiMWY1ZTE1ZDVjMjcxOTI0Y2I0MTc0MWYyZTNmMzZkMmRkYzk1In0%3D; expires=Tue, 27-Oct-2020 12:18:05 GMT; Max-Age=7200; path=/; httponly
cache-control: no-cache, private
x-cache-status: HIT
cf-cache-status: DYNAMIC
cf-request-id: 060b2a77ae00002c2e4fa3e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vN8o1jIzIs6ijbjsv2sAB%2BV89X2Ei84vwCF4xm%2FS4kdJgDor%2ByL9pzNgFxWQIRyHuHDMY4BnWNL4AH8U3xGpXDbr8uJ5pBhh4zWFPO%2Fob91TfMGS%2Ffk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e8bad05edc02c2e-FRA
content-encoding: br

GET
H2 200 festival.css
buka.site/festival/css/ 22 KB
5 KB 19ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/css/festival.css?f=36
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e19dd92f690db05c0e9a1ee3d69eb35a0d34bcd159ccd1509259b4f7ce72649

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2373356
status: 200
cf-request-id: 060b2a77da00002c2e538a5000000001
last-modified: Mon, 17 Aug 2020 18:06:10 GMT
server: cloudflare
etag: W/"5f3ac712-59b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=asI%2FqJvnKH7B6B2V7dMSnYACSg21O5e%2BxVLHQ6KZet5wyu%2FIIlKMOlV8FeZBNSr%2FPGR1XcyP0Q%2FhLktaTuQ0StsfxUHmGNW7JnLrPg00W7I2intTDZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 5e8bad062e912c2e-FRA
expires: Wed, 29 Sep 2021 18:29:23 GMT

GET
H2 200 jquery.min.js Show response
buka.site/festival/js/ 84 KB
29 KB 18ms
17ms Script
application/javascript 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/js/jquery.min.js
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6719
status: 200
cf-request-id: 060b2a77db00002c2ebabf6000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: W/"5ee78f08-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dMdS6cJY9%2BWmydw6fcp%2B5kPgg2HDVSqL6AuIA%2Bg3cMEyEGF%2BNtdxF29jkSt3JOTW42CIPerWiO1KhziWpbNY1FkR6kKK88UM2yHVsSKOuohKiI%2F1z9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5e8bad062e952c2e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353359acf186f7fffc2100f5827d87259ab502aa61fe1e83e46f9cbd77589568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45811
x-xss-protection: 0
server: cafe
etag: 2677469815179299219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
18 KB 117ms
62ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

c331a0b93871168da6f5bd522b0059c784a3b6bcba57c7717af05f4e7ec7b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "675 / 28 of 1000 / last-modified: 1603791942"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=10800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17620
x-xss-protection: 0
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H2 200 slide.js Show response
buka.site/festival/js/ 4 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/js/slide.js
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6719
status: 200
cf-request-id: 060b2a77db00002c2e9986b000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: W/"5ee78f08-e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IlFyzH57iiUdOIfa0XE0PdpGZ3Ceg%2BWFg%2B8T3xJT6r7MXtT2fXMXwOpzpqHIx5bMd7T5u3WsXG0JGwCuu8iYMJRP645GY5PBV11lB%2BJx1aIOuDJ1OMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5e8bad062e982c2e-FRA

GET
H2 200 zounds.min.js Show response
buka.site/festival/js/ 3 KB
1 KB 56ms
55ms Script
application/javascript 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/js/zounds.min.js
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379b9aceeb0b782bb8b102097d44979277c8e89f99a2ba66ba4c2e50dc92c774

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6719
status: 200
cf-request-id: 060b2a77dc00002c2e77bec000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: W/"5ee78f08-c9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CP26GubYCFc73BXEGz6BgI4g76Jfi12T%2FaE3AeN6YN6h06iIG5Gi5aW2YJtvglqe6ZTLqYTOFqDrQXyXfasv7q4ZRhVRaTU0GK9JUJiveohTGfLE5gM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5e8bad062e992c2e-FRA

GET
H2 200 curtain_icon.png
buka.site/festival/images/festival/eid/ 2 KB
2 KB 30ms
28ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/eid/curtain_icon.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f552a6e67de3ae4db8131ad74b1d3cb9cb699da7a16afdada902a5cf7032a04

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043185
status: 200
content-length: 1996
cf-request-id: 060b2a77ff00002c2ead1bc000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=09VjRqY1wMD%2BZ%2BkdmPc%2FJWDeJmy9UpGPfHDNfRMPd%2BnYXnAcTAtNGO6OjJPMid4sed9Bq3gwHDe%2B7NPrK1iLwb8Yshhc6ez192%2B%2Far%2B67TTaIZKNUOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad066f482c2e-FRA
expires: Wed, 29 Sep 2021 18:31:09 GMT

GET
H2 200 curtain13.jpg
buka.site/festival/images/common/curtains/ 21 KB
21 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/common/curtains/curtain13.jpg
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc440b30e9002c7c7e98f9a9a62289e2784c8eddcf1e15d06cd69e8f031d2193

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 702897
status: 200
content-length: 21025
cf-request-id: 060b2a77ff00002c2ec6989000000001
last-modified: Fri, 21 Aug 2020 15:51:23 GMT
server: cloudflare
etag: "5f3fed7b-5221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DnZcdh943lCbZ0cN8QZk%2BHzJlnjQsUz3RE%2BY54ZZB70x9OGM1qPF9tppe4bx5MiHz4s9TmDEwjHVgwZbX5Kxh0CvBmQPXNjzn4HjZZq%2Fp36BptfTpLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad066f4a2c2e-FRA
expires: Wed, 29 Sep 2021 18:29:23 GMT

GET
H2 200 whatsapp_icon.svg
buka.site/festival/images/common/ 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/common/whatsapp_icon.svg
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a67447e6312a72ef219633eaa8f11ef4ffde0b9ad0eadb459fd1f85499d58b8

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58351
status: 200
cf-request-id: 060b2a77ff00002c2e9b2ab000000001
last-modified: Mon, 15 Jun 2020 15:08:55 GMT
server: cloudflare
etag: W/"5ee78f07-680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CV20WqC9L9GD0cRmq2aqGn1GduqBBYkR3Dx8kj%2Fw54kxH5qYtvMTN8TNJbJ1%2FBj7l50EEHYnm%2FVr7QDBLB0RtdJeOh%2FkcIOU21AKXCTwuaW8WZxe63Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 5e8bad066f4c2c2e-FRA
expires: Wed, 29 Sep 2021 18:29:23 GMT

GET
H2 200 gaevent.js Show response
buka.site/festival/js/ 4 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/js/gaevent.js?v=2
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69bd559ebe9b1c328060b5afe4b0b52dc79db45bb348368860f8f8bfb9befe7

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6719
status: 200
cf-request-id: 060b2a77f300002c2e88aca000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: W/"5ee78f08-e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5U3eDKQwkFBTHjk6CSQE8zG%2FtFdEYi5hyFW6J4xmMyO3Ek29qLAj00PaBsEez%2BG5x6bD1N0KgQbZJCmMp%2F%2BZts%2Ffbc8n%2BaacuAO5Ld4u4U0EUjgtfFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5e8bad065f0c2c2e-FRA

GET
H2 200 festival.js Show response
buka.site/festival/js/ 15 KB
4 KB 17ms
15ms Script
application/javascript 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/js/festival.js?f=40
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fe40bff494be72a97843675420e560b91c3f97ee5f92387e937d9de20b102c

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6719
status: 200
cf-request-id: 060b2a77ff00002c2eb9b2e000000001
last-modified: Wed, 19 Aug 2020 04:39:50 GMT
server: cloudflare
etag: W/"5f3cad16-3a83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mp4b3JNU%2FQajVORlb8rB7Yyuv3iv0Qil7kT9DMooyvjVnkJ2V7o5HDOzCg26%2BzDf0sir%2FIIDT6CFl9drO4geMothQChjD64u661inJI%2BEL6jjd3whJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5e8bad066f452c2e-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3788
date: Tue, 27 Oct 2020 09:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 27 Oct 2020 11:15:48 GMT

GET
H2 200 bg1.gif
buka.site/festival/images/common/ 8 KB
8 KB 12ms
11ms Image
image/gif 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/common/bg1.gif
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4850866680c2c1b3272dbc52a29f059c112ba3af2652cf48755f691eb83f7a81

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043184
status: 200
content-length: 7760
cf-request-id: 060b2a77ff00002c2e99871000000001
last-modified: Mon, 15 Jun 2020 15:08:55 GMT
server: cloudflare
etag: "5ee78f07-1e50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S7rM9cxahKdLTO3siafeVk21E%2BdrgIS9yUk58jKSAm4wmSTfH2GIbNpx5LbTO43L%2BiJW7lFfdrrdAyEA7BKAeEVEOzy8U%2Bn%2FgWnj%2Bnc9TX%2BVa831yv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad066f4e2c2e-FRA
expires: Wed, 29 Sep 2021 20:12:24 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
404 B 46ms
17ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=295597459&t=pageview&_s=1&dl=https%3A%2F%2Fbuka.site%2Fid%2Ff-me%3Ff%3DLinda&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=711011482&gjid=584919602&cid=614956013.1603793936&tid=UA-123891896-1&_gid=2091191647.1603793936&_r=1&_slc=1&z=1715802768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Oct 2020 10:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://buka.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id_moulid_1.mp3 Show response
buka.site/festival/sounds/moulid/ 148 KB
149 KB 26ms
25ms XHR
audio/mpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buka.site/festival/sounds/moulid/id_moulid_1.mp3
Requested by: Host: buka.site
URL: https://buka.site/festival/js/zounds.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16fa5fb6b504d631b37836db11795ad5a384ed1c209c250c5564eef8577ea28c

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Oct 2020 06:14:21 GMT
server: cloudflare
etag: "5f8fd1bd-251fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l42V7ioWcngdIM904O9vdJPSjf3eK4dC9T9hx0j2YH4ZNj%2Buy9G0fl3Uj4SiOw%2BbA1m2v%2F9x0PAHrb593oSWC5VzQeG7RIc1op2AAm%2B%2BgPS05nePTUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
status: 200
accept-ranges: bytes
cf-ray: 5e8bad069fcc2c2e-FRA
content-length: 152062
cf-request-id: 060b2a781d00002c2e8ea2f000000001

GET
H2 200 e1.png
buka.site/festival/images/marquee/islam/ 669 B
989 B 20ms
17ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/marquee/islam/e1.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fd6be2b59bdc47fb94bb77d6b717f761e7a9e67f838a218a8587891bea1f16

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 752493
status: 200
content-length: 669
cf-request-id: 060b2a783500002c2ea9aaa000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: "5ee78f08-29d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k3n7ACYCXvOFuOu61WP3iRGd8%2Ft%2FqNuU8BPFwkQbAiO%2FW6kll8qjmzYqFaO%2F7LbCE1cvNjTzoV7ot5%2FJzbvfWvqdpAGsibhBNKziGks5fBbgokpq698%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b8632c2e-FRA
expires: Wed, 29 Sep 2021 18:29:26 GMT

GET
H2 200 e2.png
buka.site/festival/images/marquee/islam/ 1 KB
1 KB 89ms
87ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/marquee/islam/e2.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbbbd556cb04d2353e2349c9f1380a63a8cd8887b21f1fd3019ddc0087957124

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 752493
status: 200
content-length: 1076
cf-request-id: 060b2a783400002c2e59a24000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: "5ee78f08-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJViUHa%2Fgm33AVMfQVgjYhqXHs%2FhzNSGjgO4XSVtUuiTUFK2rbwHSKjcz1733RG6bawodnm8TdHsmO%2BCvtBHiTbO1rjxtHPjDTrnLgFLznvb0Vto0JM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b8692c2e-FRA
expires: Wed, 29 Sep 2021 18:29:26 GMT

GET
H2 200 e3.png
buka.site/festival/images/marquee/islam/ 1 KB
1 KB 25ms
23ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/marquee/islam/e3.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab73632c97bed37d8ebc3403d82c724b9b59839b59d60989d4b963d2da495c9

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 426238
status: 200
content-length: 1144
cf-request-id: 060b2a783600002c2e712e5000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: "5ee78f08-478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=spA%2BQjiUBFbXygOv0%2BRib%2FcVbbT9WAoYVItuwrjkkDeNBUpO77IJVJblHctbRlaURnoCyVYwwHhB7dC%2Bfu%2BCAOwIDp%2FOLZdGE2Bnh2jK4x%2FEztLwhBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b86c2c2e-FRA
expires: Wed, 29 Sep 2021 18:29:26 GMT

GET
H2 200 e4.png
buka.site/festival/images/marquee/islam/ 999 B
1 KB 22ms
20ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/marquee/islam/e4.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1bbf4932f0b7f030155224acc9de4a45e7e9c5ed211f76af3039b50e2d4dd77

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2351348
status: 200
content-length: 999
cf-request-id: 060b2a783300002c2e9b2b2000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: "5ee78f08-3e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lt8kLdS2M%2BFRqHBVCT4O9%2FqpVOf9HWZQ1eJPzYIa5qjD1QBfXovVQ549i5uf1I4GSmALgZcRUVrtu0JD%2F%2FEIJiJ%2BDKsrjJx7y6axuX2IQxLLRsBPpGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b8722c2e-FRA
expires: Wed, 29 Sep 2021 18:29:26 GMT

GET
H2 200 e5.png
buka.site/festival/images/marquee/islam/ 559 B
1005 B 18ms
16ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/marquee/islam/e5.png
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fde647a504ce0b0946bae25546675f4fbc13a2281d6bb3e9823f294efe600cc

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2351348
status: 200
content-length: 559
cf-request-id: 060b2a783300002c2ebe37f000000001
last-modified: Mon, 15 Jun 2020 15:08:56 GMT
server: cloudflare
etag: "5ee78f08-22f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BBROF8jnC3nwdzAerI7pAHMlR43UKvIPabnzRuggLdckZm%2BGB9JGsovdq0MZuEifEfXzVYapBx%2FVJZGiWmv%2FGly83QcgbVeR7OlzLjyrze9%2Bs8dtWVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b8742c2e-FRA
expires: Wed, 29 Sep 2021 18:29:26 GMT

GET
H2 200 7.jpg
buka.site/festival/images/festival/moulid/ 25 KB
26 KB 19ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/7.jpg
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbe0949fd9f70f2d3d34641f1ca87482d7314dd040c93b1599b3160733c5022

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 604251
status: 200
content-length: 26104
cf-request-id: 060b2a783400002c2e613e7000000001
last-modified: Tue, 20 Oct 2020 09:53:46 GMT
server: cloudflare
etag: "5f8eb3aa-65f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tlceLYAqutF1rIxWseIA3d4FjeqswBCi1r2oCEJfTdVAWktvYPLmlMFiUXLmiAALsFsggY3M9%2FwtMP93G47KlpC9WzSr4DJmatDYuCpXKpi9W4qRlhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad06b8772c2e-FRA
expires: Wed, 20 Oct 2021 09:54:18 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ 230 KB
87 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88452
x-xss-protection: 0
server: cafe
etag: 16783570891068550005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame CAB9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201021/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://buka.site/id/f-me?f=Linda
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://buka.site/id/f-me?f=Linda

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 26 Oct 2020 11:43:14 GMT
expires: Mon, 09 Nov 2020 11:43:14 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 81342
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020102201.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
96 KB 156ms
126ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Oct 2020 08:43:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98380
x-xss-protection: 0
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
404 B 32ms
30ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=buka.site&callback=_gfp_s_&client=ca-pub-7567244753653428

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

7aa0df1c3e82c3a46124264eb62c059b97b4b2abad5d802e21b0a306b79751ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=buka.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 38ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=buka.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame 1C9D 0
0 24ms
24ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7567244753653428&output=html&adk=1812271804&adf=3025194257&lmt=1603793936&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbuka.site%2Fid%2Ff-me%3Ff%3DLinda%23&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603793936512&bpp=14&bdt=171&idt=82&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7757813986688&frm=20&pv=2&ga_vid=614956013.1603793936&ga_sid=1603793937&ga_hid=295597459&ga_fc=0&iag=0&icsg=9349887&dssz=23&mdo=0&mso=0&u_tz=60&u_his=12&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44730557&oid=3&pvsid=895916767295435&pem=295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7567244753653428&output=html&adk=1812271804&adf=3025194257&lmt=1603793936&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbuka.site%2Fid%2Ff-me%3Ff%3DLinda%23&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603793936512&bpp=14&bdt=171&idt=82&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7757813986688&frm=20&pv=2&ga_vid=614956013.1603793936&ga_sid=1603793937&ga_hid=295597459&ga_fc=0&iag=0&icsg=9349887&dssz=23&mdo=0&mso=0&u_tz=60&u_his=12&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44730557&oid=3&pvsid=895916767295435&pem=295&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://buka.site/id/f-me?f=Linda
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://buka.site/id/f-me?f=Linda

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Oct 2020 10:18:56 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Oct-2020 10:33:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 65ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603712362387365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27565
x-xss-protection: 0
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 363ms
362ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=895916767295435&correlator=174806988009646&output=ldjh&impl=fifs&adsid=NT&eid=21067995%2C21065113%2C21067447%2C21067718%2C21067753%2C44730557&vrg=2020102201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201027&iu_parts=21748487420%2Cbuka.site_300x250%2Cbuka.site_320x50&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%7C300x250%2C320x50&cookie=ID%3D61ad2af34c4c1316-22941b4e58a600fe%3AT%3D1603793936%3ART%3D1603793936%3AS%3DALNI_MbXdR2n11JT2oYR-QYSqPRxAPf6Ew&bc=31&abxe=1&lmt=1603793936&dt=1603793936838&dlt=1603793936341&idt=480&frm=20&biw=1600&bih=1200&oid=3&adxs=531%2C-9&adys=322%2C-9&adks=2578484546%2C1097950859&ucis=1%7C2&ifi=1&u_tz=60&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbuka.site%2Fid%2Ff-me%3Ff%3DLinda%23&dssz=24&icsg=143567615&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=538x280%7C0x-1&msz=538x280%7C0x-1&ga_vid=614956013.1603793936&ga_sid=1603793937&ga_hid=295597459&fws=4%2C2&ohw=1600%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

55fa1ffefab633711980f901dfdbdcfd759730ae990dcd8c0b13fb0a755bda6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10475
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buka.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 77ms
39ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55767659b6a3cfbd11fe99c8dda090acd99f7819cbb3788645d16c0bef841592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Tue, 27 Oct 2020 10:18:56 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame AB9C 0
0 43ms
28ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://buka.site/id/f-me?f=Linda
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://buka.site/id/f-me?f=Linda

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Tue, 27 Oct 2020 09:50:15 GMT
expires: Wed, 27 Oct 2021 09:50:15 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1721
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 17ms
16ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=895916767295435&bg=!bm2lbU3NAAVp0lmVaVidCyf6ItJqFAIAAABoUgAAAA4KAgCr2j8dl5b1MxoMKNn03oTQwin3ZdVhw1w0bWwPCDqPIVC6ePH5JtYJGU8kF3WAIBA9mZjk2XHIA3n9TYO0DmIerjE_XMXsawt5jRjmM71eYGu0e3SjenWbQmu9_T2RG9x2TjBjtpXMnk_UDV6zgOgSOVCV59oJMOh8aC3B52nc48L91KFnls628E53oYkvb6LCPOhHjY-__TMb9Y2FwkHCmaDsNOpCrjJOr7PMhBnA61dx_H4wsDwpb5ExoY5cRevLrnJueG2zCu03haqqIrEIraEr5raHWusGwWQo0SJNM05r35Oygkr0ZpWk_REYRI74h4VmMyFjcvP-A8pP9OkjS-ctZtz18J7UOjtnywff4qeg8DpwLcdJzOlTbW9IWl0N8xguqypipzYHNFXyVrckEwHCuR7lNXcxf_5VSLGEZhxmKeNOs9MTbyAUsKHPq_6aWpyEFsKGaEMxQyGJq1aWUPm8gEmmV_ml5fARFNFd9KWw-WynTZScO3VB6cCbIamsVX5Qngc46Xrbdhm92P2D0dIsAmdH6Ed3l0KNxXyQDS0N29w9lhOFR8OJBLaDmMz1uQ5q7Ql_ykpuUsmfrNHLXTuuCKT-TY682L2ACKnXpVEiSeRjK9ksxpQ7UOyHXTAYJuArXuN1UoaMp1bvzcz3PkYmRxRrc1qswgFamHnU_ZkBomNbERWbxkEqpHTZoD_qLn3-POvOexLEhTAgTCFIksneSEUMUehO2CtReEIaI6_czYVoTnD5omHgO7CZJOk-Fesa2ousUDXbPvzTrNFmYle3xIxtuQ0QdKuVk2l58-i4g-S38dSz5LMnepmcZ12yWBWEOjcat5d7tNf7uZHPHOSujd384cI8LFwymiGDHYVYf_vUOGLSvz95ut5ZC7KiUFQrVet7hVfTsFijwcHVUw9sKfIJN0yHve0XkYUM8gZpkZ8A15pmO466ec3vnSMCsXS5z1K1seL9LSlKK4meLTyrtjU5RpXXjwfh54MK8JqrKOoSoHjpjWAsnD4qVQLhO0R_z6-80662xllQVtnlGN6RNPTfZy5mZxMeVOSyjRSUr7KZIRaUQdmhHKRioJzmPWZiAIfUdiUCEpYLQ5bLAYM8pkYL052G7dMtG-KInJDtgEkjUtscrA35qlwkJLYVemVQJRB6JhMoVNEdA4daFzn2YLDpn2cWV54juAxr5Q698ZthRrqYhAsk5c7FC9yhvLNeSI6O3FAwHsrMkefJF5QITTw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Oct 2020 10:18:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010200130000/ Frame 0B86 179 KB
51 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccba81299d059fd4c0faf58e0dc0419747998af6e73075727d0a5ef650343c96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 47773
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51541
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ef5c31a52e12ce1"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0B86 13 KB
5 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82ec75bbc727b599cb5bda87848d36d65e34ff0a9c559e99cef232ddbecc73c0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 47773
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4872
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b2a918a1d7e70e6e"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0B86 90 KB
27 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fb4ed23d9bc57830027f5d14d4f395dbe300a193920228f63ee9abab56463b7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 47772
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27647
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a91615f5d8c754b5"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0B86 3 KB
1 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aad048e4af4e600b20a1241437085489eb5a6431a27b4a182bcc67b08d17993

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 47772
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1368
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cc8039ad7481d01b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 0B86 41 KB
13 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fc831f59f6e6e61910f432c13bff2bab81fbda1390a648455abfff5eef5478f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 47772
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13112
x-xss-protection: 0
server: sffe
date: Mon, 26 Oct 2020 21:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c5fd2b093b96bd13"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Oct 2021 21:02:45 GMT

GET
DATA 200
OK truncated
/ Frame 0B86 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11833a98f82b634b3783eb7305b56386ab40e1ca5324fe62d631028935f91ea

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 16994644689776649261
tpc.googlesyndication.com/simgad/ Frame 0B86 88 KB
88 KB 9ms
8ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16994644689776649261

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81a16ee1806f2e0f9feb5e556b53f9bdea1baa7a9b391e9aff3008fea53d28dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 07:07:34 GMT
x-content-type-options: nosniff
age: 357083
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90009
x-xss-protection: 0
last-modified: Wed, 30 Jan 2019 16:44:41 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Oct 2021 07:07:34 GMT

GET
H3-Q050 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B86 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Oct 2020 00:43:22 GMT
x-content-type-options: nosniff
server: cafe
age: 34535
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Wed, 28 Oct 2020 00:43:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B86 344 B
438 B 8ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: buka.site
URL: https://buka.site/id/f-me?f=Linda

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Oct 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 81928
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 27 Oct 2020 11:33:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0B86 0
0 15ms
14ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ9yQ0GNoS0tPKFfMP65mzQ9pPzPn0_IroeHHtkUq5d-xlptPIQHkeeiXPt4E07fJiJZ_fgG7Mc4n4P-2cR3ujzDMVIA
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B86 0
0 37ms
35ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9ZLlEPSXX9byNuuV7_UPl96NqAjYmZSDXq2G-46dCZKTo8ypExABILqEwDNgkYSThfwXoAH8ne7bA8gBA6kCgX3U6zHXsz7gAgCoAwHIAwiqBPoBT9D9mg-WvXJoC_3tyyTMRyO0jq2QG_8_iSSexRPDRPO698Fu8kKWmVnM06baM4PnZqS-AIyp_UzXG9g0t_9LqT4JSLXM545_EyqUiUdZENUrv3xeHCDrBp-t2UMWRDlX6_RbvGm5KrywJv84AGgBUQd9SBrVzn_GvSptQ8IcC9MoMvbl75wbUv7ctyfyuKw-a6nX9DA6FbONZr5hiRLMbGa4lh3oJZinz-Qq7doaHbDc5bv828jvpoOH7JhjVmc3pK2_Zi_dgboHSl9clR1I0Dml79SsVfeZxjBKgCIAJKyESm0ppnJChwWf7LiBYF2LaEo8CnxwQYvC1sAE2qvL14AC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB-zhkSSoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-dcO0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMDI3ODQ4OTI5ODA2ODA2gAoDyAsBsgwUcHViLTg5MzMzMjk5OTkzOTExMDTCDAIIAdgTDQ&sigh=RO2f0FgTRn0&tpd=AGWhJmtUPM5-eM2BxS-Dqd1WnrPfiiq3tevufbmCSKQmbkXbKA
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: buka.site
URL: https://buka.site/id/f-me?f=Linda
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Oct 2020 10:18:57 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0B86 42 B
93 B 21ms
21ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty4EuopKCxUQVI9mxm8ECBOo5_GFj9N-MovVQgT-u515me7twQHIm_FSKiXAt6C1tsI3TmSgMs790rwyUqelptqeGZeddFkj5gUhlZjtjVCAfqBFzlSIKXcV5nhA&sai=AMfl-YSzGkFdsZB1Kz-ligiW2ldNV-f0R3TPYceStOk1DC01vb-T-Q_lcyAPyq6yFjq5azE5K99u3wP739cFrpNTe4whEzJJkVFj8rDS4Z6QyioDnkfRHabQrzgk3ag&sig=Cg0ArKJSzHD58v_WKSWrEAE&cid=CAASF-RoWLC2JgFdFQUeJtdg0E0tleKDGMFO&id=ampim&o=632,322&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=131&tls=1131&g=100&h=100&tt=1131&r=v&avms=ampa&adk=2578484546

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buka.site/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Oct 2020 10:18:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id.jpg
buka.site/festival/images/festival/moulid/ 14 KB
14 KB 18ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/id.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef49a5075229149fa9fd1ba606bf62a3f5520980aeaf2189b69bfa755aa870b

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043184
status: 200
content-length: 14297
cf-request-id: 060b2a800000002c2e571ed000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-37d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QU6xNpSXntiyFpFgIIoAXUJ%2F%2FAU0FHKpkREcp5ebqV56xIF4IHCdE0Dn0f7QCwv8oIT%2FyLGaS9DXz95kYTdG8lnI0rRIvIVobjShdwOZ7bI71sw1Mgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f292c2e-FRA
expires: Sun, 03 Oct 2021 18:38:08 GMT

GET
H2 200 2.jpg
buka.site/festival/images/festival/moulid/ 20 KB
20 KB 15ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad5bf0cfdec26e0003b73607f63e7a121bc8a0eed189e955dfaf8c6b1902a125

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043184
status: 200
content-length: 20423
cf-request-id: 060b2a800200002c2ec6a83000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-4fc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rV0K%2BPt3VzABvydmDza7QYAAlrkQbBIuaZr%2FxT5KD0hBjYjVcu4w4yGrOqzbztGjarWnQD2bTXAGlCqvZLhncHYbjAfShkkFscmJOgvw1fpQrkJYAbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f2b2c2e-FRA
expires: Sun, 03 Oct 2021 18:38:08 GMT

GET
H2 200 4.jpg
buka.site/festival/images/festival/moulid/ 22 KB
23 KB 18ms
17ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eacc068cc152dd85a944ef40fbaaa6e778c7e70bbe18bcbf9981d79d94d0f33

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043184
status: 200
content-length: 22983
cf-request-id: 060b2a800100002c2e6505c000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-59c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a%2B46VUFmjUXscd%2F55Qm%2FAftaacS%2BZfY5NG0%2FHgOlya34rYUU5B%2FCEXOiRnounkrH7yM2ajtCSDuV0R5wmMaHrfEVh%2BLv8HDBFe3SMrTBifdlB9A4sg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f2e2c2e-FRA
expires: Wed, 29 Sep 2021 20:12:26 GMT

GET
H2 200 8.jpg
buka.site/festival/images/festival/moulid/ 32 KB
32 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d558ff7c915dfa21d2c8808bdb4d20c7960e1a77d7a708b639a53aded164840

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 604229
status: 200
content-length: 32544
cf-request-id: 060b2a800100002c2e9091a000000001
last-modified: Tue, 20 Oct 2020 09:53:46 GMT
server: cloudflare
etag: "5f8eb3aa-7f20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FMNx4S6gihtr%2F377kcPEqd86dnXgCgR6kaZNmWPJncVI2vYiF1u0uKHCTJa8QKA6rEQ3PH5%2BSozT%2BupqLFc7hwJUbW3uF2rURtcxczhh9P%2B1m7HiAfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f302c2e-FRA
expires: Wed, 20 Oct 2021 09:54:20 GMT

GET
H2 200 5.jpg
buka.site/festival/images/festival/moulid/ 23 KB
23 KB 16ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0527bdd597dd0253d7f9a81b11b2f3adb8a8f9c48fa57f168a37c77ae1681f

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2043184
status: 200
content-length: 23191
cf-request-id: 060b2a800100002c2e83070000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-5a97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bT5fdfySLuXYfH7GAdgzIh9WtmQBcev8O2Dme%2B6tmlffF65b0BY%2FLEthjkv%2FjKHq8s1Sup5IxhOf02UCnsDCXa%2FCNg%2FygkLaLtEl%2BY9YkAbuFEYiMIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f312c2e-FRA
expires: Wed, 29 Sep 2021 20:12:27 GMT

GET
H2 200 6.png
buka.site/festival/images/festival/moulid/ 23 KB
23 KB 23ms
22ms Image
image/png 2606:4700:3032::ac43:8247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buka.site/festival/images/festival/moulid/6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b67304fc19a26fc28bbad183540094c788f220fd1f7be2489a05a841c7c3fe8

Request headers

Referer: https://buka.site/id/f-me?f=Linda
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 10:18:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 460420
status: 200
content-length: 23664
cf-request-id: 060b2a800200002c2e74919000000001
last-modified: Fri, 14 Aug 2020 18:41:05 GMT
server: cloudflare
etag: "5f36dac1-5c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KnflS8Wc9fYEJniipjBo5wnauDKipn2dMGk7V9FwUV62Gvu6P35m%2FYR6pg9WcYU894Os3M92yo%2FqR2Gf1k20x9pSc4qWJHLZHe4SIQWk7Xs3xxLLUcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e8bad133f322c2e-FRA
expires: Fri, 22 Oct 2021 02:25:18 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:29:54	Name: test_cookie Value: CheckForPermission
.buka.site/	1970-01-19 22:51:29	Name: __gads Value: ID=61ad2af34c4c1316-22941b4e58a600fe:T=1603793936:RT=1603793936:S=ALNI_MbXdR2n11JT2oYR-QYSqPRxAPf6Ew
.buka.site/	1970-01-19 13:29:53	Name: _gat Value: 1
buka.site/	1970-01-19 13:30:01	Name: laravel_session Value: eyJpdiI6Im90YUt3XC9veVJUUU92KzZlMFNZNDRBPT0iLCJ2YWx1ZSI6ImJIUFBSMnVZZVlGQVZQYUxQaUlaSk00cFhac2xFMFR1dHV5YjlTZUVYRHo1RXFoN3RNRnR3a3I0blRFSzhZYzIiLCJtYWMiOiJmZDI3YTg5MGU3ODNhNmNmMDRkM2IyNTM1Y2JiMWY1ZTE1ZDVjMjcxOTI0Y2I0MTc0MWYyZTNmMzZkMmRkYzk1In0%3D
.buka.site/	1970-01-19 13:31:20	Name: _gid Value: GA1.2.2091191647.1603793936
.buka.site/	1970-01-20 07:01:05	Name: _ga Value: GA1.2.614956013.1603793936
buka.site/	1970-01-19 13:30:01	Name: XSRF-TOKEN Value: eyJpdiI6Ikd6WHJSd0ZTZmJNMk5MYUZtZ05JaXc9PSIsInZhbHVlIjoiRWRtWDQxQ251Y1IwMCtnNWJ1T0U2czljemxET0RoNlBNd0Q2TXNyN0x2MUc5Q1JSaGxYSmpPN05PMGxLS1FzXC8iLCJtYWMiOiI3ZWMzOWNhMGNlZjNmZDQyZTgzMWMzODhlOTBkYWMzODNlYmQ5NTMzMmNmOWU0M2I2ODA3OWQ5YWE3ZDE2ZTFmIn0%3D
.buka.site/	1970-01-19 14:13:05	Name: __cfduid Value: df617dbf7fc72e7089f3964d13f4a36501603793936

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010200130000 https://buka.site/id/f-me?f=Linda

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

880db2af95de8315fdf180d951f4310f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
buka.site
cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
216.58.208.34
2606:4700:3032::ac43:8247
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:816::2001
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0aad048e4af4e600b20a1241437085489eb5a6431a27b4a182bcc67b08d17993
16fa5fb6b504d631b37836db11795ad5a384ed1c209c250c5564eef8577ea28c
2f552a6e67de3ae4db8131ad74b1d3cb9cb699da7a16afdada902a5cf7032a04
353359acf186f7fffc2100f5827d87259ab502aa61fe1e83e46f9cbd77589568
379b9aceeb0b782bb8b102097d44979277c8e89f99a2ba66ba4c2e50dc92c774
3a67447e6312a72ef219633eaa8f11ef4ffde0b9ad0eadb459fd1f85499d58b8
41fe40bff494be72a97843675420e560b91c3f97ee5f92387e937d9de20b102c
4850866680c2c1b3272dbc52a29f059c112ba3af2652cf48755f691eb83f7a81
4a0527bdd597dd0253d7f9a81b11b2f3adb8a8f9c48fa57f168a37c77ae1681f
4d558ff7c915dfa21d2c8808bdb4d20c7960e1a77d7a708b639a53aded164840
4fc831f59f6e6e61910f432c13bff2bab81fbda1390a648455abfff5eef5478f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55767659b6a3cfbd11fe99c8dda090acd99f7819cbb3788645d16c0bef841592
55fa1ffefab633711980f901dfdbdcfd759730ae990dcd8c0b13fb0a755bda6c
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b67304fc19a26fc28bbad183540094c788f220fd1f7be2489a05a841c7c3fe8
6fb4ed23d9bc57830027f5d14d4f395dbe300a193920228f63ee9abab56463b7
6fde647a504ce0b0946bae25546675f4fbc13a2281d6bb3e9823f294efe600cc
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
78fd6be2b59bdc47fb94bb77d6b717f761e7a9e67f838a218a8587891bea1f16
7aa0df1c3e82c3a46124264eb62c059b97b4b2abad5d802e21b0a306b79751ec
7e19dd92f690db05c0e9a1ee3d69eb35a0d34bcd159ccd1509259b4f7ce72649
7eacc068cc152dd85a944ef40fbaaa6e778c7e70bbe18bcbf9981d79d94d0f33
81a16ee1806f2e0f9feb5e556b53f9bdea1baa7a9b391e9aff3008fea53d28dc
82ec75bbc727b599cb5bda87848d36d65e34ff0a9c559e99cef232ddbecc73c0
8bbe0949fd9f70f2d3d34641f1ca87482d7314dd040c93b1599b3160733c5022
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1bbf4932f0b7f030155224acc9de4a45e7e9c5ed211f76af3039b50e2d4dd77
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a70140b2449f271b09b7ccaa696ae2778db3d79c35bc95cbfb35905cc648e4cc
aab73632c97bed37d8ebc3403d82c724b9b59839b59d60989d4b963d2da495c9
ad5bf0cfdec26e0003b73607f63e7a121bc8a0eed189e955dfaf8c6b1902a125
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
b69bd559ebe9b1c328060b5afe4b0b52dc79db45bb348368860f8f8bfb9befe7
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
bbbbd556cb04d2353e2349c9f1380a63a8cd8887b21f1fd3019ddc0087957124
c331a0b93871168da6f5bd522b0059c784a3b6bcba57c7717af05f4e7ec7b2a8
ccba81299d059fd4c0faf58e0dc0419747998af6e73075727d0a5ef650343c96
cef49a5075229149fa9fd1ba606bf62a3f5520980aeaf2189b69bfa755aa870b
dc440b30e9002c7c7e98f9a9a62289e2784c8eddcf1e15d06cd69e8f031d2193
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11833a98f82b634b3783eb7305b56386ab40e1ca5324fe62d631028935f91ea

buka.site Open in urlscan Pro 2606:4700:3032::ac43:8247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

90 %IPv6

9 Domains

13 Subdomains

11 IPs

2 Countries

908 kBTransfer

1802 kBSize

8 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buka.site Open in urlscan Pro
2606:4700:3032::ac43:8247 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

908 kB
Transfer

1802 kB
Size

8
Cookies

54 HTTP transactions
1 data transactions