au.bfn.today Open in urlscan Pro
2a01:4f8:10a:2e93::2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.bfn.today/login.php
Submission Tags: krdtest
Submission: On August 08 via api (August 8th 2021, 4:17:44 am UTC) from JP

Summary HTTP 121 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 121 HTTP transactions. The main IP is 2a01:4f8:10a:2e93::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is au.bfn.today.
TLS certificate: Issued by R3 on August 4th 2021. Valid for: 3 months.

This is the only time au.bfn.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	2a01:4f8:10a:... 2a01:4f8:10a:2e93::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
12	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 2	80.239.201.123 80.239.201.123	1299 (TELIANET ...) (TELIANET Telia Carrier)
121	24

57 2a01:4f8:10a:2e93::2 (Germany)

ASN24940 (HETZNER-AS, DE)

au.bfn.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.123 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-123.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	bfn.today au.bfn.today	3 MB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	350 KB
13	doubleclick.net googleads.g.doubleclick.net	54 KB
6	yandex.ru 3 redirects mc.yandex.ru	3 KB
4	google.com 2 redirects adservice.google.com www.google.com	1 KB
3	facebook.com www.facebook.com	989 B
3	googletagservices.com www.googletagservices.com	103 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	webvisor.org 1 redirects mc.webvisor.org	714 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	98 KB
2	googletagmanager.com www.googletagmanager.com	74 KB
1	jsdelivr.net cdn.jsdelivr.net	54 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	656 B
1	ytimg.com i.ytimg.com	16 KB
1	addtoany.com static.addtoany.com	29 KB
1	fontawesome.com use.fontawesome.com	237 KB
1	googleapis.com ajax.googleapis.com	30 KB
121	20

	Domain	Requested by
57	au.bfn.today	au.bfn.today
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	au.bfn.today pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	mc.yandex.ru	3 redirects au.bfn.today
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.facebook.com	au.bfn.today connect.facebook.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	mc.webvisor.org	1 redirects au.bfn.today
2	counter.yadro.ru	1 redirects au.bfn.today
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	au.bfn.today connect.facebook.net
2	platform.twitter.com	au.bfn.today platform.twitter.com
2	www.googletagmanager.com	au.bfn.today
1	syndication.twitter.com	platform.twitter.com
1	cdn.jsdelivr.net	au.bfn.today
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i.ytimg.com	au.bfn.today
1	static.addtoany.com	au.bfn.today
1	use.fontawesome.com	au.bfn.today
1	ajax.googleapis.com	au.bfn.today
121	23

This site contains links to these domains. Also see Links.

Domain
ar.bfn.today
at.bfn.today
br.bfn.today
ca.bfn.today
deutschland.bfn.today
ie.bfn.today
it.bfn.today
my.bfn.today
mx.bfn.today
nz.bfn.today
pl.bfn.today
ru.bfn.today
za.bfn.today
ua.bfn.today
bfn.today
www.addtoany.com
www.youtube.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
bfn.today R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
mc.webvisor.com Yandex CA	`2021-03-11` - `2021-09-02`	6 months	crt.sh

This page contains 14 frames:

Primary Page: https://au.bfn.today/login.php
Frame ID: 4E6D5C9AC5EF192B3577C6E71973001F
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: F768853035CAB6550EEA8EA4333B3FDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628396245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244902&bpp=2&bdt=186&idt=89&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4528665380350&frm=20&pv=2&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=105
Frame ID: 2ED3CF5EFA4193B43065FE96C1D9666C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113
Frame ID: 74933DE5FB1B3B6C8B12548367C7AF97
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119
Frame ID: 3F48F39F30C99B9E0768995E15EC4917
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460
Frame ID: 3D59625EF23D28A97A4001D2E6B9CF53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=224658131&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244967&bpp=1&bdt=250&idt=111&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=2884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rq8lDUc4xY&p=https%3A//au.bfn.today&dtd=113
Frame ID: 97B995C4387DC9124BCEDEC7AF73E49E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today
Frame ID: 9E175CC20BD1963DCD8828EFEF7CD31E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C9E544C4B37F9B0EA580E76ED4305933
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 9848CCDBBEF5D4413F825B5136582D53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 728D4DDA96D426691B1AF5A59EBF9FD8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 85BA95BFF2D6E78CFFA58E5DA2ABCA3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A6F74C493B46D8956090C9CC7D0EC7A0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B04985DC976877BCB5AAFD625312A628
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.jsdelivr\.net\/npm\/yandex-metrica-watch\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

121
Requests

100 %
HTTPS

83 %
IPv6

20
Domains

23
Subdomains

24
IPs

4
Countries

4443 kB
Transfer

6566 kB
Size

14
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://ar.bfn.today/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://at.bfn.today/
Title: Austria

Search URL Search Domain Scan URL

URL: https://br.bfn.today/
Title: Brazil

Search URL Search Domain Scan URL

URL: https://ca.bfn.today/
Title: Canada

Search URL Search Domain Scan URL

URL: https://deutschland.bfn.today/
Title: Germany

Search URL Search Domain Scan URL

URL: https://ie.bfn.today/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://it.bfn.today/
Title: Italy

Search URL Search Domain Scan URL

URL: https://my.bfn.today/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://mx.bfn.today/
Title: Mexico

Search URL Search Domain Scan URL

URL: https://nz.bfn.today/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://pl.bfn.today/
Title: Poland

Search URL Search Domain Scan URL

URL: https://ru.bfn.today/
Title: Russian Federation

Search URL Search Domain Scan URL

URL: https://za.bfn.today/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://ua.bfn.today/
Title: Ukraine

Search URL Search Domain Scan URL

URL: https://bfn.today/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fdavid-white-st_19370%2Fnews%2Flad-sells-his-startup-project-for-400-million-saying-this-is-where-the-finan-sn_117893%2F&title=Lad%20Sells%20His%20Startup%20Project%20For%20%26pound%3B400%20Million%2C%20Saying%20%5C%22This%20is%20Where%20the%20Financial%20Markets%20Future%5C%22
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fdumb-money-earnings-st_269252%2Fnews%2Fthree-friends-turned-30000-to-3000000-by-investing-wisely-in-the-stock-mark-sn_2067367%2F&title=Three%20friends%20turned%20%2430%2C000%20to%20%243%2C000%2C000%20by%20investing%20wisely%20in%20the%20stock%20market.
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fde-conti-woman-quits-9-to-st_18827%2Fnews%2Fwoman-quits-9-to-5-job-and-now-earns-six-figures-sn_114780%2F&title=Woman%20Quits%209-to-5%20Job%20and%20Now%20Earns%20Six%20Figures
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fbangladesh-vs-australia-st_306471%2Fnews%2Fban-vs-aus-1st-t20i-live-watch-bangladesh-vs-australia-live-streaming-sn_2409664%2F&title=BAN%20vs%20AUS%201st%20T20I%20LIVE%3A%20Watch%20Bangladesh%20vs%20Australia%20live%20streaming
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fcbd-st_208949%2Fnews%2Faustralias-worst-hit-covid-ghost-towns-sn_2416763%2F&title=Australia%26rsquo%3Bs%20worst-hit%20Covid%20ghost%20towns
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/3UapS7dVLgk
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fcharlestown-square-st_307670%2Fvideos%2Fs7-ep-4-we-love-science-vax-chat-with-dr-norman-swan-sn_2422019%2F&title=S7%20Ep%204%20-%20We%20love%20science!%20Vax%20chat%20with%20Dr%20Norman%20Swan
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fkeegan-palmer-st_307180%2Fnews%2Faustralian-kieran-woolley-and-keegan-palmer-through-to-skateboarding-tokyo-olymp-sn_2416637%2F&title=Australian%20Kieran%20Woolley%20and%20Keegan%20Palmer%20through%20to%20skateboarding%20Tokyo%20Olympic%20final
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fblacksmiths-beach-st_307186%2Fnews%2Fgathering-at-blacksmith-beach-led-to-hunter-covid-19-outbreak-lockdown-sn_2416678%2F&title=Gathering%20at%20Blacksmith%20Beach%20led%20to%20Hunter%20Covid-19%20outbreak%2C%20lockdown
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fhigh-jump-olympics-st_305723%2Fnews%2Fto-jump-higher-vashti-cunningham-entrusted-an-nfl-quarterback-sn_2416687%2F&title=To%20Jump%20Higher%2C%20Vashti%20Cunningham%20Entrusted%20an%20N.F.L.%20Quarterback
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fabc-news-melbourne-st_171030%2Fnews%2Ftwo-extra-cases-as-battle-to-quash-cluster-continues-sn_2416693%2F&title=Two%20extra%20cases%20as%20battle%20to%20quash%20cluster%20continues
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fqld-lockdown-st_224945%2Fnews%2Fnrl-fights-to-resume-play-in-qld-lockdown-sn_2399226%2F&title=NRL%20fights%20to%20resume%20play%20in%20QLD%20lockdown
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fsonic-colors-st_306014%2Fnews%2Ffeature-zooming-through-sonic-colors-ultimate-and-getting-the-switch-lowdown-sn_2406076%2F&title=Feature%3A%20Zooming%20Through%20Sonic%20Colors%3A%20Ultimate%20And%20Getting%20The%20Switch%20Lowdown
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Friley-day-st_305851%2Fnews%2Fshes-not-even-trying-cocky-athlete-slammed-sn_2406092%2F&title=%26lsquo%3BShe%26rsquo%3Bs%20not%20even%20trying%26rsquo%3B%3A%20Cocky%20athlete%20slammed
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fsydney-mclaughlin-st_305990%2Fnews%2Fdalilah-muhammad-sydney-mclaughlin-anna-cockrell-chase-gold-in-400-hurdles-sn_2406119%2F&title=Dalilah%20Muhammad%2C%20Sydney%20McLaughlin%2C%20Anna%20Cockrell%20chase%20gold%20in%20400%20hurdles
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fopals-st_304683%2Fnews%2Fusa-next-after-opals-miracle-games-escape-sn_2406193%2F&title=USA%20next%20after%20Opals%27%20miracle%20Games%20escape
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Flaurel-hubbard-st_301133%2Fnews%2Ftrans-weightlifter-laurel-hubbard-makes-olympic-history-live-updates-the-toky-sn_2406232%2F&title=Trans%20Weightlifter%20Laurel%20Hubbard%20Makes%20Olympic%20History%20%3A%20Live%20Updates%3A%20The%20Tokyo%20Olympics
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fmoulin-rouge-st_306035%2Fnews%2Fnatalie-mendoza-is-the-new-satine-in-broadways-moulin-rouge-sn_2406250%2F&title=Natalie%20Mendoza%20is%20the%20new%20Satine%20in%20Broadway%27s%20%27Moulin%20Rouge!%27
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fspc-st_307159%2Fnews%2Fspc-to-ban-unvaccinated-workers-from-sites-sn_2416560%2F&title=SPC%20to%20ban%20unvaccinated%20workers%20from%20sites
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fexposure-sites-melbourne-st_277825%2Fnews%2Fschool-cafes-pharmacy-and-supermarkets-added-as-list-of-melbournes-covid-19-e-sn_2416934%2F&title=School%2C%20cafes%2C%20pharmacy%20and%20supermarkets%20added%20as%20list%20of%20Melbourne%27s%20COVID-19%20exposure%20sites%20grows
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fsteeplechase-st_304445%2Fnews%2Fgregson-crashes-out-of-tokyo-steeplechase-sn_2419018%2F&title=Gregson%20crashes%20out%20of%20Tokyo%20steeplechase
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602 HTTP 302
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602

Request Chain 82

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A843511474907%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A278132513%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Ati%3A2%3Ast%3A1628396245 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A843511474907%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A278132513%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Ati%3A2%3Ast%3A1628396245

Request Chain 83

https://mc.yandex.ru/watch/48716129?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1274743523419%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A482194493%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628396245%3At%3ABFN%20AU HTTP 302
https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1274743523419%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A482194493%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628396245%3At%3ABFN%20AU

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 98

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9358.K4BPEG9RR7OF1K_jXmsDX69zSldgxsi5-VbzJzMBX0Rn6rqDj6bSPohyUwtXqEbZ.yiVBblQ7Px54fyxf4xZELXxCryM%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9358.Bj0TddL8W1G2Cg36fJo-wI0_12XDKjTSSAut3sMAd7gczpaL-6FF1EeZ3jv_S-VJZzdoXL2o6UwzLUvbBjBZrI25C26OIjT1kjdpZB6BB9s%2C.8MZYQUg-cyH7QvE1A_fwkRuZDG4%2C

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request login.php Show response
au.bfn.today/ 71 KB
14 KB 13ms
9ms Document
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 35c17961d40aa82529f8177574f79eecd169b2a4f36c0c93d61295a0a6e8cc3e

Request headers

:method: GET
:authority: au.bfn.today
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.14.2
date: Sun, 08 Aug 2021 04:17:24 GMT
content-type: text/html;charset=utf-8
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; path=/ ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517; expires=Tue, 07-Sep-2021 04:17:24 GMT; Max-Age=2592000; path=/
content-encoding: gzip

GET
H2 200 adaptive.css
au.bfn.today/min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/ 48 KB
10 KB 8ms
7ms Stylesheet
text/css 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/adaptive.css?v=1.21
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 34aaf1f9c3b29aaa608bb9853159d7bb587833207a8b2ef32ec9740720d18370

Request headers

:path: /min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/adaptive.css?v=1.21
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 13:24:48 GMT
server: nginx/1.14.2
x-powered-by: PHP/5.6.40
etag: "pub1627997088;gz"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2419200
content-length: 10329
expires: Sun, 05 Sep 2021 04:17:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Aug 2022 04:12:50 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.6/js/ 657 KB
237 KB 28ms
27ms Script
application/javascript 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.6/js/all.js
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2794197
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XT8BZ5JZ20HTBG98
x-amz-id-2: V9jcuDY4CMm7hkP3yTilaVh2gS3kzIeyD6St0/dh9cou5+oYWlp4Wt1coeyrD8Z+dNmGGdfmrKc=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"44f077b456f3decb0d1b00769927c002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Eh%2BqmbqiJQWN1tDNGbp5QRJOQd%2B4jrOEuxOp%2FggpILIq6HPs4DjSikHcxDALWkvWtn%2B%2Bqnl7JkgTZhI6b3u%2Bz39uDt%2BtmrsWuiVwWPPt5CLFEmsMJWznDm6iA9AZGARjqh%2Ff683nUPYa5sb229gecO0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 67b5ef51a8e82bd2-FRA

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
29 KB 39ms
21ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164034
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 67b5ef519cbe324c-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135917903-1

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

095f2a581bbe2926cd974a2a0fc76f23ddcd16456f4a99b3d2b735c51768a5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40791
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Aug 2021 04:17:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 12364812339251644168
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 04:17:24 GMT

GET
H2 200 logo.png
au.bfn.today/design/primary/img/ 12 KB
12 KB 7ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/primary/img/logo.png?v=1.01
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 41d7baf8ed24373755b92ec963767a6b46da0d71671b0a008e7c264c7c0ca265

Request headers

:path: /design/primary/img/logo.png?v=1.01
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 01 Jul 2019 10:48:30 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5d19e4fe-2ffa"
content-length: 12282
content-type: image/png

GET
H2 200 logo_small.png
au.bfn.today/design/primary/img/ 4 KB
4 KB 8ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/primary/img/logo_small.png?v=1.02
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 152d98216f03e242b7e3a04fff301993bc1641f45047bd60ada846310373d6dd

Request headers

:path: /design/primary/img/logo_small.png?v=1.02
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:17:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa8ac-f3f"
content-length: 3903
content-type: image/png

GET
H2 200 au.png
au.bfn.today/design/img/flags/ 633 B
758 B 8ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/au.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 986c1cdc1621183a0f1c82ba9f28e1625c4650c63cb1715aa82faad5d0f11957

Request headers

:path: /design/img/flags/au.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:15:50 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa866-279"
content-length: 633
content-type: image/png

GET
H2 200 ar.png
au.bfn.today/design/img/flags/ 420 B
545 B 8ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ar.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 23fabbf12a75744e81831d0bfe19afa8c0abde9aa18b881e6ded90dd94b4cd91

Request headers

:path: /design/img/flags/ar.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:15:49 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa865-1a4"
content-length: 420
content-type: image/png

GET
H2 200 at.png
au.bfn.today/design/img/flags/ 343 B
468 B 8ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/at.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: fa008bc0375ff599d5a494903c009636b9f8d7db73a2688a505306796ffcaed4

Request headers

:path: /design/img/flags/at.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:15:50 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa866-157"
content-length: 343
content-type: image/png

GET
H2 200 br.png
au.bfn.today/design/img/flags/ 539 B
664 B 2ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/br.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b239fa444a062244fb154dae154e0ab8f00aa4809fade475335b5fd3abe1457c

Request headers

:path: /design/img/flags/br.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:15:54 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa86a-21b"
content-length: 539
content-type: image/png

GET
H2 200 ca.png
au.bfn.today/design/img/flags/ 524 B
649 B 2ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ca.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d20ce04cb4a88574b9142b5b6676c88f2344e1db5f101ae05e7fec0ed339af80

Request headers

:path: /design/img/flags/ca.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:15:55 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa86b-20c"
content-length: 524
content-type: image/png

GET
H2 200 de.png
au.bfn.today/design/img/flags/ 417 B
542 B 3ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/de.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 314ba53857ebd5ba7c33e631ca9eb4b88edb98c655ddffae974f8d5fbc8b4eda

Request headers

:path: /design/img/flags/de.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa870-1a1"
content-length: 417
content-type: image/png

GET
H2 200 ie.png
au.bfn.today/design/img/flags/ 386 B
511 B 3ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ie.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a1a72cd21503126ff0e4b3106fb66e5b5d33eaa83a7780da687405f12768031f

Request headers

:path: /design/img/flags/ie.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:11 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa87b-182"
content-length: 386
content-type: image/png

GET
H2 200 it.png
au.bfn.today/design/img/flags/ 420 B
545 B 3ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/it.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Request headers

:path: /design/img/flags/it.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:13 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa87d-1a4"
content-length: 420
content-type: image/png

GET
H2 200 my.png
au.bfn.today/design/img/flags/ 517 B
642 B 3ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/my.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6b2c347351c3b51bdc6136d1cf11764413ef2fe2529d2d82a3da55c9ceb1cf76

Request headers

:path: /design/img/flags/my.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa887-205"
content-length: 517
content-type: image/png

GET
H2 200 mx.png
au.bfn.today/design/img/flags/ 477 B
602 B 4ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/mx.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c710d436ff0d2b5ce5afb63dd23a3c4cdad16ef808a2e6ea96f922aa47f6d840

Request headers

:path: /design/img/flags/mx.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa887-1dd"
content-length: 477
content-type: image/png

GET
H2 200 nz.png
au.bfn.today/design/img/flags/ 582 B
707 B 4ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/nz.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4582bebc2e153edb91f7dc17790b7edb55c7a5a6457e47acb8a940b473197718

Request headers

:path: /design/img/flags/nz.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:26 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88a-246"
content-length: 582
content-type: image/png

GET
H2 200 pl.png
au.bfn.today/design/img/flags/ 374 B
499 B 4ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/pl.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f

Request headers

:path: /design/img/flags/pl.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:28 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88c-176"
content-length: 374
content-type: image/png

GET
H2 200 ru.png
au.bfn.today/design/img/flags/ 352 B
477 B 4ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ru.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2064d56b4bb858338851fa77654ad7e9cff3086086891ba607b256e723da96c2

Request headers

:path: /design/img/flags/ru.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:31 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88f-160"
content-length: 352
content-type: image/png

GET
H2 200 za.png
au.bfn.today/design/img/flags/ 576 B
701 B 5ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/za.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8f30f9a1e6dc9fa20f73abab7a32bf933d7e8aa11d80fe872d8c1ce042e01347

Request headers

:path: /design/img/flags/za.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:44 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa89c-240"
content-length: 576
content-type: image/png

GET
H2 200 ua.png
au.bfn.today/design/img/flags/ 357 B
482 B 5ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ua.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2988b24317a2d539b101e387e65d3732d9e22c0c84804e974fcf972c2a23823e

Request headers

:path: /design/img/flags/ua.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:40 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa898-165"
content-length: 357
content-type: image/png

GET
H2 200 gb.png
au.bfn.today/design/img/flags/ 582 B
707 B 6ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/gb.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0db4c24b216c9d565a156d1918b904c540e7773867869dcd1c02fa08c627f399

Request headers

:path: /design/img/flags/gb.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 14 Mar 2019 19:16:06 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa876-246"
content-length: 582
content-type: image/png

GET
H2 200 3bfa813beb3970f099301fd665fcc1ca.jpg
au.bfn.today/uploads/news/1/117/8/ 174 KB
174 KB 6ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/1/117/8/3bfa813beb3970f099301fd665fcc1ca.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 63df57246b007e3770872597cbc3b838b8b1ee4aad1f756242bf657d0b660958

Request headers

:path: /uploads/news/1/117/8/3bfa813beb3970f099301fd665fcc1ca.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 04 Jul 2019 11:09:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5d1dde4c-2b643"
content-length: 177731
content-type: image/jpeg

GET
H2 200 c97626e4ad1407c77eb62b6136d2da6d.png
au.bfn.today/uploads/news/20/2067/3/ 943 KB
944 KB 7ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/20/2067/3/c97626e4ad1407c77eb62b6136d2da6d.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6e44180b46820f87e76733eef016fe95ca8f7b7774622722403c71c033844538

Request headers

:path: /uploads/news/20/2067/3/c97626e4ad1407c77eb62b6136d2da6d.png
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Wed, 05 May 2021 13:49:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6092a24c-ebcfa"
content-length: 965882
content-type: image/png

GET
H2 200 c6e4922e9a4f590126d8bf31bbc2e733.jpg
au.bfn.today/uploads/news/1/114/7/ 36 KB
36 KB 3ms
1ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/1/114/7/c6e4922e9a4f590126d8bf31bbc2e733.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6bee9a4fc66b06b3ff3fe68258d0e748c8793efd3e087f5a94a8a3fb2fa94a26

Request headers

:path: /uploads/news/1/114/7/c6e4922e9a4f590126d8bf31bbc2e733.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Wed, 03 Jul 2019 08:45:02 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5d1c6b0e-8fa1"
content-length: 36769
content-type: image/jpeg

GET
H2 200 2409664-ban-vs-aus-1st-t20i-live-watch-bangladesh-vs-australia-live-streaming.jpg
au.bfn.today/uploads/news/24/2409/6/ 143 KB
144 KB 3ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2409/6/2409664-ban-vs-aus-1st-t20i-live-watch-bangladesh-vs-australia-live-streaming.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5e43541c814eb861f601c6ad0cad0cc7417fd136c8ef271ff08e5e3c1bc96559

Request headers

:path: /uploads/news/24/2409/6/2409664-ban-vs-aus-1st-t20i-live-watch-bangladesh-vs-australia-live-streaming.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Tue, 03 Aug 2021 14:00:40 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "61094c08-23d3e"
content-length: 146750
content-type: image/jpeg

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/3UapS7dVLgk/ 15 KB
16 KB 41ms
20ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/3UapS7dVLgk/hqdefault.jpg

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d24740ca88c696e9119eaaba5f1d39e008bcef3481d5af17e62c39200646480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15579
x-xss-protection: 0
expires: Sun, 08 Aug 2021 06:17:24 GMT

GET
H2 200 2416637-australian-kieran-woolley-and-keegan-palmer-through-to-skateboarding-tokyo-olymp.jpg
au.bfn.today/uploads/news/24/2416/6/ 102 KB
102 KB 2ms
1ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/6/2416637-australian-kieran-woolley-and-keegan-palmer-through-to-skateboarding-tokyo-olymp.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8d4b0e99ae4b2eb119d1ff8c6e910bb69eeba149932a94304576813dbdad26b5

Request headers

:path: /uploads/news/24/2416/6/2416637-australian-kieran-woolley-and-keegan-palmer-through-to-skateboarding-tokyo-olymp.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 05:00:11 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b705b-19805"
content-length: 104453
content-type: image/jpeg

GET
H2 200 2416678-gathering-at-blacksmith-beach-led-to-hunter-covid-19-outbreak-lockdown.jpg
au.bfn.today/uploads/news/24/2416/6/ 64 KB
64 KB 6ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/6/2416678-gathering-at-blacksmith-beach-led-to-hunter-covid-19-outbreak-lockdown.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 7b5f0e1e0b3e697d50dc7303d63507ecc541154d70ccdd78dd44a1ed497e743a

Request headers

:path: /uploads/news/24/2416/6/2416678-gathering-at-blacksmith-beach-led-to-hunter-covid-19-outbreak-lockdown.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 05:00:25 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b7069-fe17"
content-length: 65047
content-type: image/jpeg

GET
H2 200 2416687-to-jump-higher-vashti-cunningham-entrusted-an-nfl-quarterback.jpg
au.bfn.today/uploads/news/24/2416/6/ 132 KB
133 KB 6ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/6/2416687-to-jump-higher-vashti-cunningham-entrusted-an-nfl-quarterback.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 31a2bdb33d1b6f64a9edf55363a3d9e5794f82ae522a520b17e30282cda916a5

Request headers

:path: /uploads/news/24/2416/6/2416687-to-jump-higher-vashti-cunningham-entrusted-an-nfl-quarterback.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 05:00:30 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b706e-2113c"
content-length: 135484
content-type: image/jpeg

GET
H2 200 2399226-nrl-fights-to-resume-play-in-qld-lockdown.jpg
au.bfn.today/uploads/news/23/2399/2/ 39 KB
39 KB 6ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/23/2399/2/2399226-nrl-fights-to-resume-play-in-qld-lockdown.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a4146cae311b16750adb8700b648f9e172317bf25c0b1f62c6f743ae5ad034d9

Request headers

:path: /uploads/news/23/2399/2/2399226-nrl-fights-to-resume-play-in-qld-lockdown.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sat, 31 Jul 2021 22:00:15 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6105c7ef-9bc7"
content-length: 39879
content-type: image/jpeg

GET
H2 200 2406076-feature-zooming-through-sonic-colors-ultimate-and-getting-the-switch-lowdown.jpg
au.bfn.today/uploads/news/24/2406/0/ 154 KB
154 KB 6ms
2ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2406/0/2406076-feature-zooming-through-sonic-colors-ultimate-and-getting-the-switch-lowdown.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ae80f17ba42f0792ad5c2952fd37b6aee9f41f81e08eabe0c9c3e29c09a5d051

Request headers

:path: /uploads/news/24/2406/0/2406076-feature-zooming-through-sonic-colors-ultimate-and-getting-the-switch-lowdown.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 02 Aug 2021 16:30:25 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "61081da1-26683"
content-length: 157315
content-type: image/jpeg

GET
H2 200 2406119-dalilah-muhammad-sydney-mclaughlin-anna-cockrell-chase-gold-in-400-hurdles.jpg
au.bfn.today/uploads/news/24/2406/1/ 230 KB
230 KB 6ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2406/1/2406119-dalilah-muhammad-sydney-mclaughlin-anna-cockrell-chase-gold-in-400-hurdles.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2aa3cedbf968d1632c46f69203131f6f68872220afe5e97d814a59aa07583881

Request headers

:path: /uploads/news/24/2406/1/2406119-dalilah-muhammad-sydney-mclaughlin-anna-cockrell-chase-gold-in-400-hurdles.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 02 Aug 2021 17:00:17 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610824a1-396f1"
content-length: 235249
content-type: image/jpeg

GET
H2 200 2406193-usa-next-after-opals-miracle-games-escape.jpg
au.bfn.today/uploads/news/24/2406/1/ 50 KB
50 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2406/1/2406193-usa-next-after-opals-miracle-games-escape.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5e45cd6deca1886a1881cc8138be178269cb51d0beb20dae39cdee63f9fc484b

Request headers

:path: /uploads/news/24/2406/1/2406193-usa-next-after-opals-miracle-games-escape.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 02 Aug 2021 17:00:45 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610824bd-c624"
content-length: 50724
content-type: image/jpeg

GET
H2 200 2406232-trans-weightlifter-laurel-hubbard-makes-olympic-history-live-updates-the-toky.jpg
au.bfn.today/uploads/news/24/2406/2/ 446 KB
447 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2406/2/2406232-trans-weightlifter-laurel-hubbard-makes-olympic-history-live-updates-the-toky.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0c2ff75f5037ea15a95d1c8e1a502c388de7e8e7eb26831279d7ba4a06483976

Request headers

:path: /uploads/news/24/2406/2/2406232-trans-weightlifter-laurel-hubbard-makes-olympic-history-live-updates-the-toky.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 02 Aug 2021 17:20:07 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "61082947-6f824"
content-length: 456740
content-type: image/jpeg

GET
H2 200 2406250-natalie-mendoza-is-the-new-satine-in-broadways-moulin-rouge.jpg
au.bfn.today/uploads/news/24/2406/2/ 323 KB
324 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2406/2/2406250-natalie-mendoza-is-the-new-satine-in-broadways-moulin-rouge.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0b0e380bb37bba1d48139a735437a15307c51eb00486f56ab89b87f245c3dc98

Request headers

:path: /uploads/news/24/2406/2/2406250-natalie-mendoza-is-the-new-satine-in-broadways-moulin-rouge.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Mon, 02 Aug 2021 17:30:15 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "61082ba7-50c7e"
content-length: 330878
content-type: image/jpeg

GET
H2 200 2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
au.bfn.today/uploads/news/24/2416/5/ 48 KB
49 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 590f4572f26bece4653d7aa7cd6e6e9f9708926b1b369c455e5c74c57b429f13

Request headers

:path: /uploads/news/24/2416/5/2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 04:20:06 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b66f6-c1a0"
content-length: 49568
content-type: image/jpeg

GET
H2 200 2416934-school-cafes-pharmacy-and-supermarkets-added-as-list-of-melbournes-covid-19-e.jpg
au.bfn.today/uploads/news/24/2416/9/ 135 KB
135 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/9/2416934-school-cafes-pharmacy-and-supermarkets-added-as-list-of-melbournes-covid-19-e.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 520449d5cfcab131565980d6d6cedc3331b68af8368de1ca4f8045e8147b1ee4

Request headers

:path: /uploads/news/24/2416/9/2416934-school-cafes-pharmacy-and-supermarkets-added-as-list-of-melbournes-covid-19-e.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 07:00:09 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b8c79-21c9f"
content-length: 138399
content-type: image/jpeg

GET
H2 200 2419018-gregson-crashes-out-of-tokyo-steeplechase.jpg
au.bfn.today/uploads/news/24/2419/0/ 59 KB
59 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2419/0/2419018-gregson-crashes-out-of-tokyo-steeplechase.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8c0202740466c34454bb3af272443ffdda271ef47ceb1652df246720c3647ed2

Request headers

:path: /uploads/news/24/2419/0/2419018-gregson-crashes-out-of-tokyo-steeplechase.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 17:00:40 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610c1938-ea74"
content-length: 60020
content-type: image/jpeg

GET
H2 403 /
au.bfn.today/uploads/trends/0/7/7/ 309 B
309 B 54ms
50ms Image
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/7/7/
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0d57f0a9657f619d6ede4e1f9380756756d36ba60356cacf80a525cdb3aa572d

Request headers

:path: /uploads/trends/0/7/7/
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 10857-vaccine.jpg
au.bfn.today/uploads/trends/0/10/8/ 5 KB
5 KB 7ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/10/8/10857-vaccine.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a09a5f7de84c68891cd6eb7f1a6b266f93bb1ee98792ce4b69e3faa22f715ee1

Request headers

:path: /uploads/trends/0/10/8/10857-vaccine.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Fri, 06 Aug 2021 08:30:14 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610cf316-14c6"
content-length: 5318
content-type: image/jpeg

GET
H2 200 308486-trevor-moore.jpg
au.bfn.today/uploads/trends/3/308/4/ 3 KB
3 KB 7ms
4ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/308486-trevor-moore.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8c4baaab9f660812dcffefcbcbb9f43906910515a8ddf6b0cecda74cd84bb567

Request headers

:path: /uploads/trends/3/308/4/308486-trevor-moore.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 04:00:21 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f56d5-d3a"
content-length: 3386
content-type: image/jpeg

GET
H2 200 107737-basf.jpg
au.bfn.today/uploads/trends/1/107/7/ 8 KB
8 KB 7ms
4ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/107/7/107737-basf.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3f2c6e91c7b9facb8b89ad01cc71438a61188e32827020f0ab6c6b3bc01b034a

Request headers

:path: /uploads/trends/1/107/7/107737-basf.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 02:30:02 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f41aa-1e6d"
content-length: 7789
content-type: image/jpeg

GET
H2 200 11356-ultimate-fighting-championship.jpg
au.bfn.today/uploads/trends/0/11/3/ 5 KB
5 KB 7ms
4ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/11/3/11356-ultimate-fighting-championship.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ef1b057953cb42e7bdc9c9eca22e03b0463ee466b517708f38e420d35467e2f3

Request headers

:path: /uploads/trends/0/11/3/11356-ultimate-fighting-championship.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 02:30:15 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f41b7-1560"
content-length: 5472
content-type: image/jpeg

GET
H2 200 308472-matthijs-bchli.jpg
au.bfn.today/uploads/trends/3/308/4/ 7 KB
7 KB 7ms
4ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/308472-matthijs-bchli.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 28ab9ab0e976effb6d28e62f7b8f0048584ed5c71dd71a79e396c15f1130e348

Request headers

:path: /uploads/trends/3/308/4/308472-matthijs-bchli.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 02:30:16 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f41b8-1a23"
content-length: 6691
content-type: image/jpeg

GET
H2 403 /
au.bfn.today/uploads/trends/3/308/4/ 311 B
311 B 53ms
50ms Image
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a8eae2ef46d62abd031b6c93b2b55940f83f1c15ca9d5b53e89ddfe4599a51d6

Request headers

:path: /uploads/trends/3/308/4/
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 184838-bd.jpg
au.bfn.today/uploads/trends/1/184/8/ 2 KB
2 KB 7ms
4ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/184/8/184838-bd.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1b1564f4d458a56a7749e48bd4d6084e3e46ce640268e3e2bd58a14aa2fe6823

Request headers

:path: /uploads/trends/1/184/8/184838-bd.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 01:30:12 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f33a4-977"
content-length: 2423
content-type: image/jpeg

GET
H2 200 95293-nike.jpg
au.bfn.today/uploads/trends/0/95/2/ 1 KB
1 KB 48ms
45ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/95/2/95293-nike.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 7a2b4fe1c167b64fdcdc34f62cdc139c1d9ba09bf07803e8579f9317114ac94a

Request headers

:path: /uploads/trends/0/95/2/95293-nike.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 01:30:05 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f339d-45b"
content-length: 1115
content-type: image/jpeg

GET
H2 200 308476-cairns-covid-update.jpg
au.bfn.today/uploads/trends/3/308/4/ 3 KB
3 KB 48ms
45ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/308476-cairns-covid-update.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 504016cec91554da90714b12d6518461d247b68f8f13263a8112f7106474850f

Request headers

:path: /uploads/trends/3/308/4/308476-cairns-covid-update.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 03:00:22 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f48c6-b31"
content-length: 2865
content-type: image/jpeg

GET
H2 200 308474-keirin-olympics.jpg
au.bfn.today/uploads/trends/3/308/4/ 3 KB
4 KB 48ms
45ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/308474-keirin-olympics.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1ae11c4dfcb3fd081e36fce3b8aab9834129f259e7174909c4a0edcd3b3245a4

Request headers

:path: /uploads/trends/3/308/4/308474-keirin-olympics.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 03:00:20 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f48c4-d94"
content-length: 3476
content-type: image/jpeg

GET
H2 200 308466-closing-ceremony.jpg
au.bfn.today/uploads/trends/3/308/4/ 3 KB
3 KB 49ms
45ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/308/4/308466-closing-ceremony.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5c69499aa3566188b5a56b582f49b3ef8f6ff3118f86b733dddd3a313f3be982

Request headers

:path: /uploads/trends/3/308/4/308466-closing-ceremony.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 02:00:37 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f3ac5-c68"
content-length: 3176
content-type: image/jpeg

GET
H2 200 298183-qld-covid-restrictions-today.jpg
au.bfn.today/uploads/trends/2/298/1/ 3 KB
3 KB 49ms
45ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/2/298/1/298183-qld-covid-restrictions-today.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d9f4a34c7f1e4bdb5b40409b61b6f1b725be779e52f008b9cfc13ce353aaa913

Request headers

:path: /uploads/trends/2/298/1/298183-qld-covid-restrictions-today.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 04:00:06 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f56c6-af3"
content-length: 2803
content-type: image/jpeg

GET
H2 200 16305-marketing.jpg
au.bfn.today/uploads/trends/0/16/3/ 7 KB
7 KB 49ms
46ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/16/3/16305-marketing.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 76f9a583f4c72d18423d3787d373e838225e0ffe935640f6ca38c6b789445c6e

Request headers

:path: /uploads/trends/0/16/3/16305-marketing.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sat, 07 Aug 2021 20:30:03 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610eed4b-1c52"
content-length: 7250
content-type: image/jpeg

GET
H2 200 8657-big-brother.jpg
au.bfn.today/uploads/trends/0/8/6/ 6 KB
6 KB 49ms
46ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/8/6/8657-big-brother.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1846e004a44f8bd2db11fe13b5ddc2ed24e74443f7f23b10be38fc248c2cf448

Request headers

:path: /uploads/trends/0/8/6/8657-big-brother.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 00:30:30 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f25a6-1814"
content-length: 6164
content-type: image/jpeg

GET
H2 200 282009-lisa-banes.jpg
au.bfn.today/uploads/trends/2/282/0/ 4 KB
4 KB 49ms
46ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/2/282/0/282009-lisa-banes.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1e30f68d31283c591363bb56cf808b5bb98677757488f040ded2d93f7098e0eb

Request headers

:path: /uploads/trends/2/282/0/282009-lisa-banes.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 00:30:14 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f2596-f8d"
content-length: 3981
content-type: image/jpeg

GET
H2 200 155099-virtual-private-server.jpg
au.bfn.today/uploads/trends/1/155/0/ 5 KB
5 KB 50ms
46ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/155/0/155099-virtual-private-server.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e94e9f5cd5e4049747dbb0cd72169a3a2a9e18daf8d865861720f59596e90e0d

Request headers

:path: /uploads/trends/1/155/0/155099-virtual-private-server.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Tue, 11 May 2021 22:30:13 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "609b0575-12af"
content-length: 4783
content-type: image/jpeg

GET
H2 200 19673-britney-spears.jpg
au.bfn.today/uploads/trends/0/19/6/ 4 KB
4 KB 50ms
47ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/19/6/19673-britney-spears.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 9c96f7dc0fec763693f577748aa3ae37e3b9dc5971d498874d1f57b7142fb6e5

Request headers

:path: /uploads/trends/0/19/6/19673-britney-spears.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 00:30:12 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f2594-1080"
content-length: 4224
content-type: image/jpeg

GET
H2 200 296595-ufc-265.jpg
au.bfn.today/uploads/trends/2/296/5/ 3 KB
3 KB 50ms
47ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/2/296/5/296595-ufc-265.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 442e9e8a82938ff2b339e283cc8dce7f5a74476687e8a5fe944d15bf8e1de277

Request headers

:path: /uploads/trends/2/296/5/296595-ufc-265.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Sun, 08 Aug 2021 01:00:07 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610f2c97-c50"
content-length: 3152
content-type: image/jpeg

GET
H2 200 14717-chemical-industry.jpg
au.bfn.today/uploads/trends/0/14/7/ 5 KB
5 KB 50ms
47ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/14/7/14717-chemical-industry.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2a162ed1013f416a73c6f8c4b845db9036e34b9d42b6b6c3e20970513231628f

Request headers

:path: /uploads/trends/0/14/7/14717-chemical-industry.jpg
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
last-modified: Thu, 05 Aug 2021 11:30:07 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610bcbbf-14c8"
content-length: 5320
content-type: image/jpeg

GET
H2 200 index.js Show response
au.bfn.today/min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-mas... 87 KB
28 KB 4ms
4ms Script
application/x-javascript 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-master/dist/jquery.fancybox.min.js,design/plugins/cookie-popup/src/stick-to-me.js,design/primary/js/index.js?v=1.09
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 2a27a5c3b2c3554687cc386063e64ad7b7eaae09018eecebbaedd325c5c9da5e

Request headers

:path: /min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-master/dist/jquery.fancybox.min.js,design/plugins/cookie-popup/src/stick-to-me.js,design/primary/js/index.js?v=1.09
pragma: no-cache
cookie: PHPSESSID=b488ef661ab6539dee7e259f4a72b377; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.bfn.today
referer: https://au.bfn.today/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 13:28:57 GMT
server: nginx/1.14.2
x-powered-by: PHP/5.6.40
etag: "pub1627997337;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=2419200
content-length: 28649
expires: Sun, 05 Sep 2021 04:17:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 04:17:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/668B)
Age: 377
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 21ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8BZGXP

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3af55338987d4ba359c2c435f1222e9f32e95525fdd7d908600aeefa910cc0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34803
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Aug 2021 04:17:24 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0470186311324088&plah=au.bfn.today

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 390643862346785813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 04:17:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame F768 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 07 Aug 2021 19:31:05 GMT
expires: Sat, 21 Aug 2021 19:31:05 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 31579
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: 4GrK9S0WN69lcEjoXI0XeGbUH6U+cs1lhzhAlk1B8fbOl60DzXfI5R+UjBKlCN6DMfW8YY+5V78nGpgGceFkyw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 08 Aug 2021 04:17:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135917903-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2450
date: Sun, 08 Aug 2021 03:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 08 Aug 2021 05:36:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
656 B 39ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au.bfn.today&callback=_gfp_s_&client=ca-pub-0470186311324088

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0470186311324088&plah=au.bfn.today

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2bb66f0be73fd555913257dd28f51a83b7fb54db664e7c5413c20e932d782386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=au.bfn.today

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.bfn.today

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2ED3 9 KB
4 KB 411ms
397ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628396245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244902&bpp=2&bdt=186&idt=89&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4528665380350&frm=20&pv=2&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=105

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4631394557c95f0965f6e50ccd594c8c5403e54d9c96f9e83f6933df4ee94bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628396245&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244902&bpp=2&bdt=186&idt=89&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4528665380350&frm=20&pv=2&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 08 Aug 2021 04:17:25 GMT
server: cafe
content-length: 4017
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 04:32:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7493 57 KB
22 KB 548ms
543ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2e866bf454551d78d0fe9d4aa9a0afb7feec1a33581a186da0497c2d52fed43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 08 Aug 2021 04:17:25 GMT
server: cafe
content-length: 22707
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 04:32:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F48 57 KB
22 KB 242ms
241ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416b931e23da7d61127010e7beb91e5b0d692fcc2a778157304006675b857f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 08 Aug 2021 04:17:25 GMT
server: cafe
content-length: 22710
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 04:32:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 3D59 0
883 B 39ms
25ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 2ftnAxeZm7/urg3VpxFvoFp+oyM3bX4JyKtEd2uyPN9GFH/aTuXL43WJXMUElVF3Q7etvPuGEquElzsKRh3KdA==
content-length: 0
date: Sun, 08 Aug 2021 04:17:25 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 2018959031732779 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 148ms
142ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2018959031732779?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e112992c9c8e05b9c0c86c6fb48a63017e8f448dad4a55c66e599c24afb3dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pRNhBCbX71Ho+0tk8MAL2aDGAaOr2LYfHVH3J3PMvvDPAeeH7IKt5Q7K0DRd4BpCWtATAka+LFJ+QDbDKPeUKA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 08 Aug 2021 04:17:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=103979608&t=pageview&_s=1&dl=https%3A%2F%2Fau.bfn.today%2Flogin.php&ul=en-us&de=UTF-8&dt=BFN%20AU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1686675311&gjid=275406067&cid=944942953.1628396245&tid=UA-135917903-1&_gid=119458773.1628396245&_r=1&gtm=2ou840&z=655842035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.bfn.today
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97B9 436 B
234 B 467ms
467ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=224658131&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244967&bpp=1&bdt=250&idt=111&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=2884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rq8lDUc4xY&p=https%3A//au.bfn.today&dtd=113

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a21ae0cdae18fb0bc8777dc3d7f2d00a64af7fc3d40545856b139ee63092edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=224658131&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244967&bpp=1&bdt=250&idt=111&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=2884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rq8lDUc4xY&p=https%3A//au.bfn.today&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 08 Aug 2021 04:17:25 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 04:32:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602

112 B
598 B

55ms
55ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 04:17:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Fri, 07 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 08 Aug 2021 04:17:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/login.php;hBFN%20AU;0.4262351709770602
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 07 Aug 2020 21:00:00 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 132 KB
54 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de58b6e5c3781bde166418651ec266bb3514796a66c9da5f564e6dcd2b99d246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31723
x-jsd-version: 1.196.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 54513
etag: W/"211bf-pSg9BbDtXbq3HUEkgExR8M4zGts"
x-served-by: cache-fra19162-FRA
x-jsd-version-type: version
date: Sun, 08 Aug 2021 04:17:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 9E17 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://au.bfn.today/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 204487
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Aug 2021 04:17:25 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8...

167 B
202 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A843511474907%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A278132513%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Ati%3A2%3Ast%3A1628396245

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b2e5f0c8e9c0e1407e8d1c3bf4aa27fa0108de519515bb891c682ae3a129d5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 08-Aug-2021 04:17:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 08-Aug-2021 04:17:25 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
last-modified: Sun, 08-Aug-2021 04:17:25 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A843511474907%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A278132513%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Ati%3A2%3Ast%3A1628396245
strict-transport-security: max-age=31536000
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 08-Aug-2021 04:17:25 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/48716129/
Redirect Chain

https://mc.yandex.ru/watch/48716129?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3...

335 B
417 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1274743523419%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A482194493%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628396245%3At%3ABFN%20AU

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d751ee25dccbc4708024b04e7512f09d7085f06cdefde246f1d12aa5aa6b1228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 08-Aug-2021 04:17:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Sun, 08-Aug-2021 04:17:25 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
last-modified: Sun, 08-Aug-2021 04:17:25 GMT
location: /watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A98%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1274743523419%3Ahid%3A819859848%3Az%3A120%3Ai%3A20210808061725%3Aet%3A1628396245%3Ac%3A1%3Arn%3A482194493%3Au%3A1628396245132290135%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628396244700%3Ads%3A1%2C3%2C9%2C0%2C0%2C0%2C%2C374%2C1%2C%2C%2C%2C395%3Adsn%3A1%2C3%2C8%2C1%2C0%2C0%2C%2C376%2C0%2C%2C%2C%2C395%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628396245%3At%3ABFN%20AU
strict-transport-security: max-age=31536000
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 08-Aug-2021 04:17:25 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
289 B 127ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
last-modified: Tue, 03 Aug 2021 10:32:13 GMT
etag: "61029ac0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 08 Aug 2021 05:17:25 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 9E17 232 B
432 B 153ms
120ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=49827a33b1fd30c86b9272dc0b2e5681e3115dfa

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 04:17:25 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7975d73e50164f87e7251d96a9b0f3d196f91725b11fd8dff8101bac7fdcf195
content-length: 166

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 13ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2018959031732779&ev=PageView&dl=https%3A%2F%2Fau.bfn.today%2Flogin.php&rl=&if=false&ts=1628396245245&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628396245244.1608113761&it=1628396245033&coo=false&rqm=GET

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H2 200 17066729988608371716
tpc.googlesyndication.com/simgad/ Frame 3F48 43 KB
43 KB 33ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17066729988608371716?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnNxxEKYaClCKZD6sYa9cgu0BiqqQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff67d24c69239160ef9303f299aff1ba7ecc4a9d6b7a4cb8f705b1796403b785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 13:00:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 10:52:11 GMT
server: sffe
age: 227804
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44152
x-xss-protection: 0
expires: Fri, 05 Aug 2022 13:00:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 3F48 18 KB
8 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 02:57:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 3F48 2 KB
1 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:52:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F48 125 KB
38 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 3F48 14 KB
6 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 04:08:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 3F48 26 KB
11 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 23:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Aug 2021 23:16:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F48 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNEdX1VoPYcGuApi73wONrKvgCZfAiYVk09DkybwOv-EeEAEgo87eFmCVAqABy7LrrQLIAQKpAhQDzsy2u7M-qAMByAPJBKoEwwFP0Cg91cmCWfaxR0RKf7zqPl9APrVr-AErsEYwRwnOKhI4eOtair2ycw84aP5kssTSJ96WzrVYXPxM0WEUrl85CPAo8VWcAXcQpySW5GWF3bimilNkryZ52ieaO3pNwbkUIpn7RdNRjQbsv0AISR4SfE9XTY4EPQSWvwfBD3qI3Qqrc2zVCY3fw4rdTQGudTHeE8o3TM7XRJcQz11Vw2-2kSniQmbGa2zJkAHcbSS7F_JwfQF0YbGx0mkVMmIwFb59L67ABITFv7bRA6AGAoAHnc2U0gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ8akB0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTA0NzAxODYzMTEzMjQwODg&sigh=KbpRckutegg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 Aug 2021 04:17:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C9E5 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwWPRunJkgBuquzGNN2L5-zZQurVUDzRuyit34swac19xilofEaXmAmnCkdRI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 08 Aug 2021 03:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3F48 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2129f78d99e8a6a15cd0305673222e4b2d5d5d7b22eb8e30d443203c177fca91

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C9E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwWPRunJkgBuquzGNN2L5-zZQurVUDzRuyit34swac19xilofEaXmAmnCkdRI; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 08 Aug 2021 04:17:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 08-Aug-2021 05:17:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 08 Aug 2021 04:17:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 9848 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 06:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Aug 2022 06:53:03 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9358.K4BPEG9RR7OF1K_jXmsDX69zSldgxsi5-VbzJzMBX0Rn6rqDj6bSPohyUwtXqEbZ.yiVBblQ7Px54fyxf4xZELXxCryM%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9358.Bj0TddL8W1G2Cg36fJo-wI0_12XDKjTSSAut3sMAd7gczpaL-6FF1EeZ3jv_S-VJZzdoXL2o6UwzLUvbBjBZrI25C26OIjT1kjdpZB6BB9s%2C.8MZYQUg-cyH7QvE1A_fwkRuZDG...

43 B
358 B

62ms
61ms

Image
image/gif

80.239.201.123
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9358.Bj0TddL8W1G2Cg36fJo-wI0_12XDKjTSSAut3sMAd7gczpaL-6FF1EeZ3jv_S-VJZzdoXL2o6UwzLUvbBjBZrI25C26OIjT1kjdpZB6BB9s%2C.8MZYQUg-cyH7QvE1A_fwkRuZDG4%2C

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.123 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-123.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9358.Bj0TddL8W1G2Cg36fJo-wI0_12XDKjTSSAut3sMAd7gczpaL-6FF1EeZ3jv_S-VJZzdoXL2o6UwzLUvbBjBZrI25C26OIjT1kjdpZB6BB9s%2C.8MZYQUg-cyH7QvE1A_fwkRuZDG4%2C
date: Sun, 08 Aug 2021 04:17:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-29 200 3749871304586624825
tpc.googlesyndication.com/simgad/ Frame 7493 54 KB
54 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3749871304586624825?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkucgy7MKq5YFdxpt-6pcZGQruxUA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ccd2c3980eacfc4e2f05c62368b8cb0207324bd97e11a4fe1cec9c5b49b0d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 13:17:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 10:47:06 GMT
server: sffe
age: 226794
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55300
x-xss-protection: 0
expires: Fri, 05 Aug 2022 13:17:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 7493 18 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4798
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 02:57:27 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 7493 2 KB
1 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 03:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 03:52:49 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7493 125 KB
38 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 7493 14 KB
6 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 04:08:28 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 7493 26 KB
11 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 23:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Aug 2021 23:16:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7493 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMh1y1VoPYYaVAsKMjuwPkvG_iAmXwImFZKW96q-iDr_hHhABIKPO3hZglQKgAcuy660CyAECqQIUA87MtruzPqgDAcgDyQSqBMMBT9AsBgQ3gHq-__GrOBTTR45Sy_OH76MdBOq5WGkhStvOL-HSAntnzh3T8KQoTPLK0Cz-HU_mCkkCh1QwC97VAqFNsk6EOSI-567bg0UcMmGG3RqzigR-iMJQeP8VaaSN-3hQgb7kFQw_k5PntT-4S5aDvKmcIU-Tw11JxmYZij8G6R7J2JAd4ttI7e3Ifs2Qn6UzHceAtWV5Rz3YzUV2K50KM9XehtzQ23R8Pt8dzsxmO4-mnmKItp47PIXpFSlOPNHNwASExb-20QOgBgKAB53NlNIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEN26AdIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi0wNDcwMTg2MzExMzI0MDg4&sigh=WlWHEkg_hwM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 Aug 2021 04:17:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 728D 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwWPRunJkgBuquzGNN2L5-zZQurVUDzRuyit34swac19xilofEaXmAmnCkdRI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 08 Aug 2021 03:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7493 0
0 40ms
27ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=eos&id=eos-base&v=20210806&bin=7&avms=ns&bs=0,0&if=1&app=0&itpl=4&adk=4104189485&rs=2&cr=0&vs=0&eosm=1&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7493 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee4970cae7f6a0856d989e8aa4a09a840ad1356014e51c928e2fea79574ea727

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 728D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwWPRunJkgBuquzGNN2L5-zZQurVUDzRuyit34swac19xilofEaXmAmnCkdRI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 08 Aug 2021 04:17:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 08-Aug-2021 05:17:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 08 Aug 2021 04:17:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 85BA 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 06:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Aug 2022 06:53:03 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykdQjMTkOKszsrvas

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 08 Aug 2021 04:17:25 GMT
content-type: text/plain
access-control-allow-origin: https://au.bfn.today
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb2208d9415718d12bee295eb16dd6ff4329af7b2aa31bbde223c1c2103e08a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8710
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 04:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 08 Aug 2021 04:17:25 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A6F7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 07 Aug 2021 20:38:40 GMT
expires: Sun, 07 Aug 2022 20:38:40 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B049 783 B
534 B 15ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd104cfd09242c5bacb9336f804d34e854a507d19b03e4d9e916253d643973bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pcPf8D90RXOH9dVOKR666Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

expires: Sun, 08 Aug 2021 04:17:25 GMT
date: Sun, 08 Aug 2021 04:17:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pcPf8D90RXOH9dVOKR666Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame A6F7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 06:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Aug 2022 06:53:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=134659250060835&bg=!39yl3JjNAAals0SOpbM7ACkAdvg8WmFvGa_Wa8Aezv6oQ5EwU2Yzg3ZriWmdc1QzIo67LwV_AxKgsAIAAABJUgAAAAtoAQeZAmxhqyPPgcHWWsYtvRG7lQOM1APbf67a2FG06ieLj-cueoDs9MV4mrb_rh8U933kscI5uj_a3DUz_9Pb8WfGoS8ryzwvPlm2s471BAhkRWngRuIygJffrQeKi3WsP-nOnDDS5piikXLDbGXRTKk3u4aN3SM2AnMw3GeXZfzPc0KZc19r8rVmMblW4IeNnf6vjhzhLYKyKPgb6NqSvPLI3a2ysLx17gShdUqDA6_4S4kjy13kiplpYwDYXz1Fju51TB50qfqV9NnJC_s6t5wO-e8k8vo1dogFPm8hveDdJtKLGUhOcftrGNcwTv2jii-sps1XSGYsfoYtunjN0DE9GodvgsggJ1W095QEPf2Jsg1Qebh13V-6xRhe3rdHUXNxDWg4a4MjHZOW7L2-fACBWpq0QJchxyEnb3J6RDzOFfXpLtoWEzyXX72dFqJAGh-XitMutEGlZH8tGQ5ZJZd6894_k_c1494hGSmewby1uW7MdFGKfgTzlWAUFeqge2haV_UzEDbum2s1ZLDgGu9e1NxlQoSv6VGSVAZxhcpM1zbIhRpuwG_6wFksa6m5E538S9sOSTJOGP1qZ5P4Imi4lyiltKbUXOpLJhDcP8EQkkjNqtEIEJZZ0ETzmPWo3V84MJI1rKR0ObttJcfMsyZzxgM-J2454aKbYlKC1x0eFOcDhPT-ECvPU1aeUXv2g3nkQsYzsATz5bLRb1XoDTL3ksTIydv8triWm_JtrqsDesXYEx9Xt0Rrf1YWLUBzEwoKLIiyFdIY9drure_qtKGb8A6islidUhR9UEvdSPQ1UAY4SsOjbYDbH_sigtU9aQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F48 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFzZF1VoPYcGuApi73wONrKvgCZfAiYVk09DkybwOv-EeEAEgo87eFmCVAqABy7LrrQLIAQKpAhQDzsy2u7M-qAMBqgTDAU_QKD3VyYJZ9rFHREp_vOo-X0A-tWv4ASuwRjBHCc4qEjh461qKvbJzDzho_mSyxNIn3pbOtVhc_EzRYRSuXzkI8CjxVZwBdxCnJJbkZYXduKaKU2SvJnnaJ5o7ek3BuRQimftF01GNBuy_QAhJHhJ8T1dNjgQ9BJa_B8EPeojdCqtzbNUJjd_Dit1NAa51Md4TyjdMztdElxDPXVXDb7aRKeJCZsZrbMmQAdxtJLsX8nB9AXRhsbHSaRUyYjAVvn0vrsAEhMW_ttEDoAYCgAedzZTSAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDxqQHSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItMDQ3MDE4NjMxMTMyNDA4OA&sigh=bpCFUsm3UAw&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2973147585&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244906&bpp=1&bdt=190&idt=115&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Ss3YDnuUNp&p=https%3A//au.bfn.today&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 Aug 2021 04:17:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F48 42 B
64 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC36YNrkbW8AlJ_J-1qURMx093eG4uft9M4akp6ZfxScXAEFBD0k7XNs62S2B2LGsFiK3zCJENV09QGa4KVA4PTe5hV9v7xlhJ2Ns7WRtEvg-usgzmfupiTD8QBg&sai=AMfl-YTRKCSnr5XCLc0gs5dTvD4M3QbFqjXGH30lG_vtgcFv7Gd8bAOdm59W6l8s0F7n63o9fxZHo1MnTMyH&sig=Cg0ArKJSzL0Xh-5bc4YMEAE&id=lidar2&mcvt=1000&p=908,242,1188,578&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3469156498&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628396245026&dlt=245&rpt=149&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7493 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cci0s1VoPYYaVAsKMjuwPkvG_iAmXwImFZKW96q-iDr_hHhABIKPO3hZglQKgAcuy660CyAECqQIUA87MtruzPqgDAaoEwwFP0CwGBDeAer7_8as4FNNHjlLL84fvox0E6rlYaSFK284v4dICe2fOHdPwpChM8srQLP4dT-YKSQKHVDAL3tUCoU2yToQ5Ij7nrtuDRRwyYYbdGrOKBH6IwlB4_xVppI37eFCBvuQVDD-Tk-e1P7hLloO8qZwhT5PDXUnGZhmKPwbpHsnYkB3i20jt7ch-zZCfpTMdx4C1ZXlHPdjNRXYrnQoz1d6G3NDbdHw-3x3OzGY7j6aeYoi2njs8hekVKU480c3ABITFv7bRA6AGAoAHnc2U0gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ3boB0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTA0NzAxODYzMTEzMjQwODg&sigh=7tdsRMPHnCo&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628396245&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2Flogin.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628396244904&bpp=2&bdt=188&idt=109&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4528665380350&frm=20&pv=1&ga_vid=944942953.1628396245&ga_sid=1628396245&ga_hid=103979608&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=134659250060835&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jAzvbc8O2q&p=https%3A//au.bfn.today&dtd=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 08 Aug 2021 04:17:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7493 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFtW47eVfuoTlHeiSOxeclVo1C0OURNNUQV-uyZ88rv-rJIr1QlNvVoKVAAGv-oQzSPiGy41m_xSRJ80oSzly81U8CuABvP5KXkkxJIwEsVnsPYae0IDBSfFaJ4w&sai=AMfl-YTVV2NlV-KGNf2a77xC-oW7cI6PdtFHj5sMpOEuxW8xJNyHXeCntqhBmFGyIPFpjSsi-arWo-9kTjKD&sig=Cg0ArKJSzDMHB3_L6qajEAE&id=lidar2&mcvt=1000&p=160,402,440,808&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4104189485&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=1&rst=1628396245019&dlt=550&rpt=153&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 04:17:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:19:57	Name: test_cookie Value: CheckForPermission
.bfn.today/	1970-01-19 20:21:08	Name: _ym_isad Value: 2
.bfn.today/	1970-01-20 05:05:32	Name: _ym_d Value: 1628396245
.bfn.today/	1970-01-20 05:05:32	Name: _ym_uid Value: 1628396245132290135
.bfn.today/	1970-01-19 22:29:32	Name: _fbp Value: fb.1.1628396245244.1608113761
.bfn.today/	1970-01-20 05:41:32	Name: __gads Value: ID=97e27396f5f641c7-22081b069ac90010:T=1628396245:RT=1628396245:S=ALNI_MZM7nNqKFfbYehm5TsFteUyYPj6ww
au.bfn.today/	1969-12-31 23:59:59	Name: PHPSESSID Value: b488ef661ab6539dee7e259f4a72b377
.bfn.today/	1970-01-19 20:19:56	Name: _gat_gtag_UA_135917903_1 Value: 1
.bfn.today/	1970-01-19 20:19:58	Name: _ym_visorc Value: w
au.bfn.today/	1970-01-19 21:03:08	Name: ci_session Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223e624355785db89a76d84ee02ed7caf9%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628396244%22%3B%7D89d8c5a1b771cb57d6a8a1e2651dd517
.bfn.today/	1970-01-19 20:21:22	Name: _gid Value: GA1.2.119458773.1628396245
.doubleclick.net/	1970-01-19 20:19:59	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:41:32	Name: IDE Value: AHWqTUmwWPRunJkgBuquzGNN2L5-zZQurVUDzRuyit34swac19xilofEaXmAmnCkdRI
.bfn.today/	1970-01-20 13:51:08	Name: _ga Value: GA1.2.944942953.1628396245

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
au.bfn.today
cdn.jsdelivr.net
connect.facebook.net
counter.yadro.ru
googleads.g.doubleclick.net
i.ytimg.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
static.addtoany.com
syndication.twitter.com
tpc.googlesyndication.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.8
142.250.184.226
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:46c5
2606:4700:3037::6815:4e07
2a00:1450:4001:800::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2016
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a01:4f8:10a:2e93::2
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
80.239.201.123
88.212.201.210
01e112992c9c8e05b9c0c86c6fb48a63017e8f448dad4a55c66e599c24afb3dc
095f2a581bbe2926cd974a2a0fc76f23ddcd16456f4a99b3d2b735c51768a5f1
0b0e380bb37bba1d48139a735437a15307c51eb00486f56ab89b87f245c3dc98
0c2ff75f5037ea15a95d1c8e1a502c388de7e8e7eb26831279d7ba4a06483976
0ccd2c3980eacfc4e2f05c62368b8cb0207324bd97e11a4fe1cec9c5b49b0d00
0d57f0a9657f619d6ede4e1f9380756756d36ba60356cacf80a525cdb3aa572d
0db4c24b216c9d565a156d1918b904c540e7773867869dcd1c02fa08c627f399
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
152d98216f03e242b7e3a04fff301993bc1641f45047bd60ada846310373d6dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1846e004a44f8bd2db11fe13b5ddc2ed24e74443f7f23b10be38fc248c2cf448
1ae11c4dfcb3fd081e36fce3b8aab9834129f259e7174909c4a0edcd3b3245a4
1b1564f4d458a56a7749e48bd4d6084e3e46ce640268e3e2bd58a14aa2fe6823
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
1e30f68d31283c591363bb56cf808b5bb98677757488f040ded2d93f7098e0eb
2064d56b4bb858338851fa77654ad7e9cff3086086891ba607b256e723da96c2
2129f78d99e8a6a15cd0305673222e4b2d5d5d7b22eb8e30d443203c177fca91
23fabbf12a75744e81831d0bfe19afa8c0abde9aa18b881e6ded90dd94b4cd91
28ab9ab0e976effb6d28e62f7b8f0048584ed5c71dd71a79e396c15f1130e348
2988b24317a2d539b101e387e65d3732d9e22c0c84804e974fcf972c2a23823e
2a162ed1013f416a73c6f8c4b845db9036e34b9d42b6b6c3e20970513231628f
2a27a5c3b2c3554687cc386063e64ad7b7eaae09018eecebbaedd325c5c9da5e
2aa3cedbf968d1632c46f69203131f6f68872220afe5e97d814a59aa07583881
2bb66f0be73fd555913257dd28f51a83b7fb54db664e7c5413c20e932d782386
314ba53857ebd5ba7c33e631ca9eb4b88edb98c655ddffae974f8d5fbc8b4eda
31a2bdb33d1b6f64a9edf55363a3d9e5794f82ae522a520b17e30282cda916a5
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
34aaf1f9c3b29aaa608bb9853159d7bb587833207a8b2ef32ec9740720d18370
34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f
35c17961d40aa82529f8177574f79eecd169b2a4f36c0c93d61295a0a6e8cc3e
3af55338987d4ba359c2c435f1222e9f32e95525fdd7d908600aeefa910cc0b4
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
3f2c6e91c7b9facb8b89ad01cc71438a61188e32827020f0ab6c6b3bc01b034a
416b931e23da7d61127010e7beb91e5b0d692fcc2a778157304006675b857f22
41d7baf8ed24373755b92ec963767a6b46da0d71671b0a008e7c264c7c0ca265
442e9e8a82938ff2b339e283cc8dce7f5a74476687e8a5fe944d15bf8e1de277
4582bebc2e153edb91f7dc17790b7edb55c7a5a6457e47acb8a940b473197718
4631394557c95f0965f6e50ccd594c8c5403e54d9c96f9e83f6933df4ee94bce
4d24740ca88c696e9119eaaba5f1d39e008bcef3481d5af17e62c39200646480
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
504016cec91554da90714b12d6518461d247b68f8f13263a8112f7106474850f
520449d5cfcab131565980d6d6cedc3331b68af8368de1ca4f8045e8147b1ee4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
590f4572f26bece4653d7aa7cd6e6e9f9708926b1b369c455e5c74c57b429f13
5c69499aa3566188b5a56b582f49b3ef8f6ff3118f86b733dddd3a313f3be982
5e43541c814eb861f601c6ad0cad0cc7417fd136c8ef271ff08e5e3c1bc96559
5e45cd6deca1886a1881cc8138be178269cb51d0beb20dae39cdee63f9fc484b
63df57246b007e3770872597cbc3b838b8b1ee4aad1f756242bf657d0b660958
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6b2c347351c3b51bdc6136d1cf11764413ef2fe2529d2d82a3da55c9ceb1cf76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bee9a4fc66b06b3ff3fe68258d0e748c8793efd3e087f5a94a8a3fb2fa94a26
6e44180b46820f87e76733eef016fe95ca8f7b7774622722403c71c033844538
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
76f9a583f4c72d18423d3787d373e838225e0ffe935640f6ca38c6b789445c6e
7a21ae0cdae18fb0bc8777dc3d7f2d00a64af7fc3d40545856b139ee63092edb
7a2b4fe1c167b64fdcdc34f62cdc139c1d9ba09bf07803e8579f9317114ac94a
7b5f0e1e0b3e697d50dc7303d63507ecc541154d70ccdd78dd44a1ed497e743a
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
8c0202740466c34454bb3af272443ffdda271ef47ceb1652df246720c3647ed2
8c4baaab9f660812dcffefcbcbb9f43906910515a8ddf6b0cecda74cd84bb567
8d4b0e99ae4b2eb119d1ff8c6e910bb69eeba149932a94304576813dbdad26b5
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8f30f9a1e6dc9fa20f73abab7a32bf933d7e8aa11d80fe872d8c1ce042e01347
986c1cdc1621183a0f1c82ba9f28e1625c4650c63cb1715aa82faad5d0f11957
9c96f7dc0fec763693f577748aa3ae37e3b9dc5971d498874d1f57b7142fb6e5
a09a5f7de84c68891cd6eb7f1a6b266f93bb1ee98792ce4b69e3faa22f715ee1
a1a72cd21503126ff0e4b3106fb66e5b5d33eaa83a7780da687405f12768031f
a4146cae311b16750adb8700b648f9e172317bf25c0b1f62c6f743ae5ad034d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8eae2ef46d62abd031b6c93b2b55940f83f1c15ca9d5b53e89ddfe4599a51d6
ae80f17ba42f0792ad5c2952fd37b6aee9f41f81e08eabe0c9c3e29c09a5d051
b239fa444a062244fb154dae154e0ab8f00aa4809fade475335b5fd3abe1457c
b2e5f0c8e9c0e1407e8d1c3bf4aa27fa0108de519515bb891c682ae3a129d5eb
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c710d436ff0d2b5ce5afb63dd23a3c4cdad16ef808a2e6ea96f922aa47f6d840
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
cb2208d9415718d12bee295eb16dd6ff4329af7b2aa31bbde223c1c2103e08a3
d20ce04cb4a88574b9142b5b6676c88f2344e1db5f101ae05e7fec0ed339af80
d2e866bf454551d78d0fe9d4aa9a0afb7feec1a33581a186da0497c2d52fed43
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d751ee25dccbc4708024b04e7512f09d7085f06cdefde246f1d12aa5aa6b1228
d9f4a34c7f1e4bdb5b40409b61b6f1b725be779e52f008b9cfc13ce353aaa913
de58b6e5c3781bde166418651ec266bb3514796a66c9da5f564e6dcd2b99d246
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e94e9f5cd5e4049747dbb0cd72169a3a2a9e18daf8d865861720f59596e90e0d
ee4970cae7f6a0856d989e8aa4a09a840ad1356014e51c928e2fea79574ea727
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1b057953cb42e7bdc9c9eca22e03b0463ee466b517708f38e420d35467e2f3
f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fa008bc0375ff599d5a494903c009636b9f8d7db73a2688a505306796ffcaed4
fd104cfd09242c5bacb9336f804d34e854a507d19b03e4d9e916253d643973bf
ff67d24c69239160ef9303f299aff1ba7ecc4a9d6b7a4cb8f705b1796403b785

au.bfn.today Open in urlscan Pro 2a01:4f8:10a:2e93::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

121 Requests

100 %HTTPS

83 %IPv6

20 Domains

23 Subdomains

24 IPs

4 Countries

4443 kBTransfer

6566 kBSize

14 Cookies

38 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au.bfn.today Open in urlscan Pro
2a01:4f8:10a:2e93::2 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

100 %
HTTPS

83 %
IPv6

20
Domains

23
Subdomains

24
IPs

4
Countries

4443 kB
Transfer

6566 kB
Size

14
Cookies

121 HTTP transactions
2 data transactions