rainbowbuddies.com.au Open in urlscan Pro
172.105.166.53  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rainbowbuddies.com.au/	159 KB 22 KB	36ms 8ms	Document text/html	172.105.166.53
General Check archive.org Show headers Download Go to Full URL https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash 6c846438e25424f60602087fe9d14dac93359f351383a103a5e1a6f34aa9086f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control max-age=0, no-cache, no-store, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 22593 Content-Type text/html; charset=UTF-8 Date Thu, 14 Nov 2024 00:28:49 GMT Expires Mon, 29 Oct 1923 20:30:00 GMT Keep-Alive timeout=5, max=100 Last-Modified Sun, 29 Sep 2024 03:11:43 GMT Pragma no-cache Server Apache Vary User-Agent,Accept-Encoding
GET H/1.1	200 OK	fk199.css rainbowbuddies.com.au/wp-content/cache/wpfc-minified/ffx1jnuo/	40 KB 8 KB	6ms 5ms	Stylesheet text/css	172.105.166.53
General Check archive.org Show headers Download Go to Full URL https://rainbowbuddies.com.au/wp-content/cache/wpfc-minified/ffx1jnuo/fk199.css Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash d396d38ccb005dd6d17a67a2e86db898cfdb82f72bd7bf6ef9f3f38bff338d83 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Content-Encoding gzip Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 7940 Keep-Alive timeout=5, max=99 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Mon, 05 Aug 2024 05:38:19 GMT Vary Accept-Encoding Server Apache Content-Type text/css
GET H2	200	css fonts.googleapis.com/	13 KB 2 KB	207ms 103ms	Stylesheet text/css	142.250.71.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=3.9.2 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f10.1e100.net Software ESF / Resource Hash 2a1d21ec9a552cfa145a2fdb74b8fa5fca8044f970264fde0b3687fef2a35d2d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 14 Nov 2024 00:28:49 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 00:28:49 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 14 Nov 2024 00:28:49 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	fk199.css rainbowbuddies.com.au/wp-content/cache/wpfc-minified/95dut7rl/	110 KB 15 KB	14ms 10ms	Stylesheet text/css	172.105.166.53
General Check archive.org Show headers Download Go to Full URL https://rainbowbuddies.com.au/wp-content/cache/wpfc-minified/95dut7rl/fk199.css Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash c1ca227f77befbaeefed6fa53a8011959a6ec593c892454c47aa4385353c1768 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Content-Encoding gzip Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 14806 Keep-Alive timeout=5, max=100 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Mon, 05 Aug 2024 05:38:19 GMT Vary Accept-Encoding Server Apache Content-Type text/css
GET H/1.1	200 OK	rb-logo.jpg rainbowbuddies.com.au/wp-content/uploads/2024/03/	9 KB 9 KB	3ms 2ms	Image image/jpeg	172.105.166.53
General Check archive.org Show headers Download Go to Show image Full URL https://rainbowbuddies.com.au/wp-content/uploads/2024/03/rb-logo.jpg Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash 8abd8c5aa903b057812480c54590ecd94f344c1e9083c4a96a355b3cd6a5ee3b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 8892 Keep-Alive timeout=5, max=99 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Tue, 19 Mar 2024 06:31:11 GMT Content-Type image/jpeg Server Apache
GET H/1.1	200 OK	Wheel.png rainbowbuddies.com.au/wp-content/uploads/2024/01/	3 MB 3 MB	8ms 3ms	Image image/png	172.105.166.53
General Check archive.org Show headers Download Go to Show image Full URL https://rainbowbuddies.com.au/wp-content/uploads/2024/01/Wheel.png Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash e82d1aadb8214c1fc3cd4591aa849fc54b7456d58b6b2fd7382a4700cf4f8c5e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 2863661 Keep-Alive timeout=5, max=100 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Mon, 15 Jan 2024 06:35:20 GMT Content-Type image/png Server Apache
GET H/1.1	200 OK	District-docklands-logo-tile-1538-x-1833-1-859x1024.png rainbowbuddies.com.au/wp-content/uploads/2023/04/	59 KB 59 KB	9ms 4ms	Image image/png	172.105.166.53
General Check archive.org Show headers Download Go to Show image Full URL https://rainbowbuddies.com.au/wp-content/uploads/2023/04/District-docklands-logo-tile-1538-x-1833-1-859x1024.png Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash 6c950ed04c1a8e7338340c16e7c354e2d1b9958e113d9af3a745db60c495caf2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 60424 Keep-Alive timeout=5, max=100 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Mon, 17 Apr 2023 06:34:31 GMT Content-Type image/png Server Apache
GET H/1.1	200 OK	frontend.min.js Show response rainbowbuddies.com.au/wp-content/themes/astra/assets/js/minified/	17 KB 4 KB	9ms 3ms	Script application/javascript	172.105.166.53
General Check archive.org Show headers Download Go to Full URL https://rainbowbuddies.com.au/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Content-Encoding gzip Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 4075 Keep-Alive timeout=5, max=100 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Sat, 17 Sep 2022 02:35:47 GMT Vary Accept-Encoding Server Apache Content-Type application/javascript
GET H2	200	gtm.js Show response www.googletagmanager.com/	280 KB 99 KB	220ms 120ms	Script application/javascript	172.217.24.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MQ9RH73 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.24.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f8.1e100.net Software Google Tag Manager / Resource Hash dc2ae73ffecb3bd531ffb462700d8855a2ee2e953f259c8e88afc803269e1548 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Thu, 14 Nov 2024 00:28:49 GMT alt-svc h3=":443"; ma=2592000 date Thu, 14 Nov 2024 00:28:49 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Thu, 14 Nov 2024 00:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 100262 x-xss-protection 0 server Google Tag Manager
GET H2	200	VXW7U3vROPg www.youtube.com/embed/ Frame 4BE3	0 0	548ms 150ms	Document text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/VXW7U3vROPg?feature=oembed Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rainbowbuddies.com.au/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-security-policy require-trusted-types-for 'script' content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 00:28:50 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	rb-logo.jpg rainbowbuddies.com.au/wp-content/uploads/2024/03/	9 KB 0	0ms 0ms	Image image/jpeg	172.105.166.53
General Check archive.org Show headers Download Go to Show image Full URL https://rainbowbuddies.com.au/wp-content/uploads/2024/03/rb-logo.jpg Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash 8abd8c5aa903b057812480c54590ecd94f344c1e9083c4a96a355b3cd6a5ee3b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 8892 Date Thu, 14 Nov 2024 00:28:49 GMT Last-Modified Tue, 19 Mar 2024 06:31:11 GMT Content-Type image/jpeg Server Apache
GET H3	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	112ms 12ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://rainbowbuddies.com.au Referer https://rainbowbuddies.com.au/ Response headers age 370374 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sun, 09 Nov 2025 17:35:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 09 Nov 2024 17:35:55 GMT last-modified Wed, 13 Sep 2023 22:51:58 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 33092 x-xss-protection 0 server sffe
GET H3	200	-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2 fonts.gstatic.com/s/dmserifdisplay/v15/	24 KB 24 KB	110ms 10ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=3.9.2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://rainbowbuddies.com.au Referer https://fonts.googleapis.com/ Response headers age 369468 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sun, 09 Nov 2025 17:51:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 09 Nov 2024 17:51:01 GMT last-modified Thu, 24 Aug 2023 17:45:35 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 24768 x-xss-protection 0 server sffe
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	105ms 5ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%7CDM+Serif+Display%3A400&display=fallback&ver=3.9.2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://rainbowbuddies.com.au Referer https://fonts.googleapis.com/ Response headers age 468209 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 08 Nov 2025 14:25:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 08 Nov 2024 14:25:20 GMT last-modified Thu, 14 Dec 2023 02:08:40 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48236 x-xss-protection 0 server sffe
GET H3	200	JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 fonts.gstatic.com/s/montserrat/v26/	33 KB 34 KB	109ms 8ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://rainbowbuddies.com.au Referer https://rainbowbuddies.com.au/ Response headers age 369553 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sun, 09 Nov 2025 17:49:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 09 Nov 2024 17:49:36 GMT last-modified Wed, 13 Sep 2023 22:52:07 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 34288 x-xss-protection 0 server sffe
POST H3	200	collect www.google.com/ccm/	0 0	205ms 103ms	Ping text/plain	142.251.221.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frainbowbuddies.com.au%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=943106848.1731544130&auid=975445753.1731544130&npa=0&gtm=45He4bc0v9101437508za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&tft=1731544130253&tfd=717&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ9RH73 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers
GET H2	200	js Show response www.googletagmanager.com/gtag/	407 KB 131 KB	122ms 121ms	Script application/javascript	172.217.24.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ9RH73 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.24.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f8.1e100.net Software Google Tag Manager / Resource Hash 1e8e70b5596f351f70f200aee0809ccc2c769f8c8b43a2e9d7e6a22904bed2f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 14 Nov 2024 00:28:50 GMT alt-svc h3=":443"; ma=2592000 date Thu, 14 Nov 2024 00:28:50 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 134113 x-xss-protection 0 server Google Tag Manager
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	9ms 3ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-F4cES7YE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 00:28:50 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-F4cES7YE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4439, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug Z4WOObmkakHKmX/ByE8ss2CmgZ9eqccNmSbgAKKur27BVP0XlnNWHRlTy9SOGL1wz9xKVD9C4u7IaAfYRJXGZw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" content-length 62107 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame DCA7	0 0	400ms 3ms	Document text/html	172.217.24.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Frainbowbuddies.com.au Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ9RH73 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.24.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f8.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 91636 alt-svc h3=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Tue, 12 Nov 2024 23:01:34 GMT expires Wed, 12 Nov 2025 23:01:34 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	1173778406655141 Show response connect.facebook.net/signals/config/	76 KB 15 KB	323ms 323ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1173778406655141?v=2.9.176&r=stable&domain=rainbowbuddies.com.au&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 5f5cc6e28e5294dac1269db05fff39b6b75c85690018f48623df24129f3dfb3d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-K4MLS7Lx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 00:28:50 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-K4MLS7Lx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=77, mss=1232, tbw=70980, tp=68, tpl=0, uplat=321, ullat=0 pragma public x-fb-debug Ddtt0av0oLhtpXS//p4qJV3Of+fk5OV4AD6lBWclbes7f7Eqbnb3B9oDWyn/DicscBVA38WfqRN/+LR8GIKWbw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H2	204	collect analytics.google.com/g/	0 0	513ms 100ms	Fetch text/plain	216.239.34.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-HSYR624FYE&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&_p=1731544129791&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102077855&cid=1045775277.1731544131&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731544130&sct=1&seg=0&dl=https%3A%2F%2Frainbowbuddies.com.au%2F&dt=Complete%20your%20tasks%2C%20survive%2C%20cheat%20and%20lie.%20Just%20don%E2%80%99t%20be%20discovered%20to%20be%20an%20impostor.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1113 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://rainbowbuddies.com.au cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 00:28:51 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 558 B	587ms 95ms	Ping text/plain	74.125.200.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HSYR624FYE&cid=1045775277.1731544131&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102077855 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f154.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://rainbowbuddies.com.au cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 14 Nov 2024 00:28:51 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame E29A	0 0	503ms 104ms	Document text/html	172.217.24.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-HSYR624FYE&gacid=1045775277.1731544131&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102077855&z=726340198 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.24.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f34.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rainbowbuddies.com.au/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 00:28:51 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11082407917/	6 KB 2 KB	213ms 115ms	Script text/javascript	142.250.66.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11082407917/?random=1731544130679&cv=11&fst=1731544130679&bg=ffffff&guid=ON&async=1&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frainbowbuddies.com.au%2F&hn=www.googleadservices.com&frm=0&tiba=Complete%20your%20tasks%2C%20survive%2C%20cheat%20and%20lie.%20Just%20don%E2%80%99t%20be%20discovered%20to%20be%20an%20impostor.&npa=0&pscdl=noapi&auid=975445753.1731544130&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s15-in-f2.1e100.net Software cafe / Resource Hash aeca5318adec4f09b5cbe7383318a148b59d8c60d3176f76e472e5510056fdb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2407 date Thu, 14 Nov 2024 00:28:50 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	11082407917 td.doubleclick.net/td/rul/ Frame 5954	0 0	495ms 107ms	Document text/html	172.217.24.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/11082407917?random=1731544130679&cv=11&fst=1731544130679&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frainbowbuddies.com.au%2F&hn=www.googleadservices.com&frm=0&tiba=Complete%20your%20tasks%2C%20survive%2C%20cheat%20and%20lie.%20Just%20don%E2%80%99t%20be%20discovered%20to%20be%20an%20impostor.&npa=0&pscdl=noapi&auid=975445753.1731544130&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-HSYR624FYE&l=dataLayer&cx=c&gtm=45He4bc0v9101437508za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.24.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS hkg07s23-in-f34.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://rainbowbuddies.com.au/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Nov 2024 00:28:51 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.com.au/ads/	42 B 63 B	319ms 170ms	Image image/gif	142.251.40.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HSYR624FYE&cid=1045775277.1731544131&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102077855&tag_exp=101925629~102067555~102077855&z=644889837 Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.35 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lax17s55-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Thu, 14 Nov 2024 00:28:50 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.facebook.com/tr/	0 19 B	15ms 3ms	Image text/plain	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1173778406655141&ev=PageView&dl=https%3A%2F%2Frainbowbuddies.com.au%2F&rl=&if=false&ts=1731544130715&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731544130713.807405331632532622&cs_est=true&ler=empty&cdl=API_unavailable&it=1731544130290&coo=false&rqm=GET Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4529, tp=11, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Thu, 14 Nov 2024 00:28:50 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 197 B	314ms 305ms	Image image/png	157.240.8.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1173778406655141&ev=PageView&dl=https%3A%2F%2Frainbowbuddies.com.au%2F&rl=&if=false&ts=1731544130715&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731544130713.807405331632532622&cs_est=true&ler=empty&cdl=API_unavailable&it=1731544130290&coo=false&rqm=FGET Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-syd2.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436925410158444283"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Thu, 14 Nov 2024 00:28:50 GMT content-type image/png vary Accept-Encoding x-fb-debug tw08rQP7dCTMM+Yajqj2k5/k/OJuaIe7dFlGwwpjRs1QX2bF9s0obgy/WkaYgqdznazFZ6MAIEReEVeVOwf1Tw== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436925410158444283", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4929, tp=14, tpl=0, uplat=301, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	/ www.google.com/pagead/1p-user-list/11082407917/	42 B 64 B	104ms 104ms	Image image/gif	142.251.221.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11082407917/?random=1731544130679&cv=11&fst=1731542400000&bg=ffffff&guid=ON&async=1&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frainbowbuddies.com.au%2F&hn=www.googleadservices.com&frm=0&tiba=Complete%20your%20tasks%2C%20survive%2C%20cheat%20and%20lie.%20Just%20don%E2%80%99t%20be%20discovered%20to%20be%20an%20impostor.&npa=0&pscdl=noapi&auid=975445753.1731544130&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dHG91Gn5iSk56I0hlEk2nXUeeDX97iQ&random=2664387214&rmt_tld=0&ipr=y Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Thu, 14 Nov 2024 00:28:50 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.com.au/pagead/1p-user-list/11082407917/	42 B 64 B	151ms 151ms	Image image/gif	142.251.40.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.au/pagead/1p-user-list/11082407917/?random=1731544130679&cv=11&fst=1731542400000&bg=ffffff&guid=ON&async=1&gtm=45je4bc0v9101448177z89101437508za200zb9101437508&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Frainbowbuddies.com.au%2F&hn=www.googleadservices.com&frm=0&tiba=Complete%20your%20tasks%2C%20survive%2C%20cheat%20and%20lie.%20Just%20don%E2%80%99t%20be%20discovered%20to%20be%20an%20impostor.&npa=0&pscdl=noapi&auid=975445753.1731544130&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dHG91Gn5iSk56I0hlEk2nXUeeDX97iQ&random=2664387214&rmt_tld=1&ipr=y Requested by Host: rainbowbuddies.com.au URL: https://rainbowbuddies.com.au/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.35 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lax17s55-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Thu, 14 Nov 2024 00:28:50 GMT x-xss-protection 0 content-type image/gif server cafe
GET H/1.1	200 OK	cropped-cropped-Saboteurs-White-Logo-32x32.jpg rainbowbuddies.com.au/wp-content/uploads/2022/09/	1 KB 2 KB	4ms 4ms	Other image/jpeg	172.105.166.53
General Check archive.org Show headers Download Go to Full URL https://rainbowbuddies.com.au/wp-content/uploads/2022/09/cropped-cropped-Saboteurs-White-Logo-32x32.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.105.166.53 Sydney, Australia, ASN (), Reverse DNS server.beautifulhosting.com.au Software Apache / Resource Hash 75617e703fab61439f38b6ff4ff89b5b3fb441127e955b4cf9bfa00f040a947f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://rainbowbuddies.com.au/ Response headers Cache-Control max-age=10368000 Connection keep-alive, Keep-Alive Expires max-age=A10368000, public Accept-Ranges bytes Content-Length 1283 Keep-Alive timeout=5, max=99 Date Thu, 14 Nov 2024 00:28:50 GMT Last-Modified Wed, 14 Sep 2022 00:06:17 GMT Content-Type image/jpeg Server Apache

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rainbowbuddies.com.au/	1970-01-21 03:08:40	Name: _gcl_au Value: 1.1.975445753.1731544130
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PX2pm2uCXBY
			.youtube.com/	1970-01-21 05:18:16	Name: VISITOR_INFO1_LIVE Value: ZckEIp56qlo
			.youtube.com/	1970-01-21 05:18:16	Name: VISITOR_PRIVACY_METADATA Value: CgJBVRIEGgAgSA%3D%3D
			.rainbowbuddies.com.au/	1970-01-21 10:35:04	Name: _ga_HSYR624FYE Value: GS1.1.1731544130.1.0.1731544130.60.0.0
			.rainbowbuddies.com.au/	1970-01-21 10:35:04	Name: _ga Value: GA1.1.1045775277.1731544131
			.rainbowbuddies.com.au/	1970-01-21 03:08:40	Name: _fbp Value: fb.2.1731544130713.807405331632532622
			.doubleclick.net/	1970-01-21 00:59:05	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://rainbowbuddies.com.au/(Line 1065) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
rainbowbuddies.com.au
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.youtube.com
142.250.66.226
142.250.71.74
142.251.221.67
142.251.221.68
142.251.40.35
157.240.8.23
157.240.8.35
172.105.166.53
172.217.167.78
172.217.24.34
172.217.24.40
216.239.34.181
74.125.200.154
1e8e70b5596f351f70f200aee0809ccc2c769f8c8b43a2e9d7e6a22904bed2f1
2a1d21ec9a552cfa145a2fdb74b8fa5fca8044f970264fde0b3687fef2a35d2d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5f5cc6e28e5294dac1269db05fff39b6b75c85690018f48623df24129f3dfb3d
6c846438e25424f60602087fe9d14dac93359f351383a103a5e1a6f34aa9086f
6c950ed04c1a8e7338340c16e7c354e2d1b9958e113d9af3a745db60c495caf2
75617e703fab61439f38b6ff4ff89b5b3fb441127e955b4cf9bfa00f040a947f
8abd8c5aa903b057812480c54590ecd94f344c1e9083c4a96a355b3cd6a5ee3b
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aeca5318adec4f09b5cbe7383318a148b59d8c60d3176f76e472e5510056fdb2
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1ca227f77befbaeefed6fa53a8011959a6ec593c892454c47aa4385353c1768
d396d38ccb005dd6d17a67a2e86db898cfdb82f72bd7bf6ef9f3f38bff338d83
d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7
dc2ae73ffecb3bd531ffb462700d8855a2ee2e953f259c8e88afc803269e1548
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82d1aadb8214c1fc3cd4591aa849fc54b7456d58b6b2fd7382a4700cf4f8c5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629