www.bf9.net Open in urlscan Pro
13.250.255.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oempr.com/
Effective URL:
https://www.bf9.net/
Submission: On January 06 via api (January 6th 2022, 1:13:20 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 13.250.255.10, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.bf9.net.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 27th 2021. Valid for: 3 months.

This is the only time www.bf9.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.178.181.110 107.178.181.110	26658 (HENGTONG-...) (HENGTONG-IDC-LLC)
1	13.250.255.10 13.250.255.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
16	2606:4700::68... 2606:4700::6812:d44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	52.77.22.111 52.77.22.111	16509 (AMAZON-02) (AMAZON-02)
24	7

1 107.178.181.110 (United States)

ASN26658 (HENGTONG-IDC-LLC, US)

oempr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.255.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com

www.bf9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:d44 (United States)

ASN13335 (CLOUDFLARENET, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.77.22.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-22-111.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 40100	2 MB
3	gstatic.com fonts.gstatic.com	89 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 60361	632 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	bf9.net www.bf9.net	12 KB
1	oempr.com oempr.com	2 KB
24	6

	Domain	Requested by
16	w.ladicdn.com	www.bf9.net
3	fonts.gstatic.com	fonts.googleapis.com
2	a.ladipage.com	w.ladicdn.com
1	fonts.googleapis.com	www.bf9.net
1	www.bf9.net	oempr.com
1	oempr.com
24	6

This site contains links to these domains. Also see Links.

Domain
www.sodo15.com
www.youtube.com
t.me
www.facebook.com
zalo.me

Subject Issuer	Validity	Valid
www.bf9.net ZeroSSL RSA Domain Secure Site CA	`2021-11-27` - `2022-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ladicdn.com Cloudflare Inc ECC CA-3	`2021-06-12` - `2022-06-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.ladipage.com Amazon	`2021-07-17` - `2022-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.bf9.net/
Frame ID: 9E86C2D9CF785C9E26CFAE23F905F9B0
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TRANG NHÀ CÁI UY TÍN 2022

Page URL History Show full URLs

http://oempr.com/ Page URL
https://www.bf9.net/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

2219 kB
Transfer

2568 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sodo15.com/?inviteCode=62187004&regAgentJumpFlag=1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCy9y9d6HTtAgiDL5sJfXLTA/videos

Search URL Search Domain Scan URL

URL: https://t.me/nhacaisodo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sodoviet2021

Search URL Search Domain Scan URL

URL: https://zalo.me/0528276548

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oempr.com/ Page URL
https://www.bf9.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found / Show response
oempr.com/ 3 KB
2 KB 721ms
313ms Document
text/html 107.178.181.110
HENGTONG-IDC-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://oempr.com/
Protocol: HTTP/1.1
Server: 107.178.181.110 , United States, ASN26658 (HENGTONG-IDC-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: cfcf5f3e1d39aa00fa47db942813f0efcdab76ac1ef586e0b9248c4a5032f338

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Wed, 05 Jan 2022 17:12:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 Primary Request / Show response
www.bf9.net/ 66 KB
12 KB 575ms
182ms Document
text/html 13.250.255.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bf9.net/
Requested by: Host: oempr.com
URL: http://oempr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.255.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 95d6e978512e78cf6a3dfeae579fb360fe3ca3478f50619fbf6c84c0272fd01d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://oempr.com/

Response headers

server: openresty
date: Thu, 06 Jan 2022 01:13:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
statuscode: 200
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Requested by

Host: www.bf9.net
URL: https://www.bf9.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 01:07:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 01:13:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 01:13:17 GMT

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 307 KB
70 KB 104ms
36ms Script
text/javascript 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1640164822455
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935291682f06fa385e56f9817d16035198f3747661d48278afcd3935d6865b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1262721
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 09:26:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153aab67374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Thu, 22 Dec 2022 09:26:15 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
7 KB 49ms
48ms Stylesheet
text/css 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1640164822455
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610c3e3209f5521861a818af33bcb1f19b88b1d50a4cd54745ef763897c9ef38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1262721
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 09:26:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bc4374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Thu, 22 Dec 2022 09:26:15 GMT

GET
H2 200 background-fix-20211227081456.png
w.ladicdn.com/s1440x1077/61416d65d1330500bc1e1272/ 1 MB
1 MB 53ms
52ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x1077/61416d65d1330500bc1e1272/background-fix-20211227081456.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7e030ac872931462f4c0cb5392bc09a0c5b1ad6130c8486322fcec5cb9035aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=1665663
content-disposition: inline; filename="background-fix-20211227081456.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:23:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:23:11 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bcf374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 khung-20211226083815.png
w.ladicdn.com/s1000x750/61416d65d1330500bc1e1272/ 106 KB
106 KB 29ms
27ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1000x750/61416d65d1330500bc1e1272/khung-20211226083815.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c2eeecb7f0a219ae16e14d5fce4b055730d237952ab8230127e9d6368e89794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=154456
content-disposition: inline; filename="khung-20211226083815.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:56:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:56:10 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bd3374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 dk_tk-20211226083815.png
w.ladicdn.com/s850x400/61416d65d1330500bc1e1272/ 24 KB
24 KB 47ms
45ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x400/61416d65d1330500bc1e1272/dk_tk-20211226083815.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2acf9c17818ec4e367ce8860e69d3efa7f955f60e9cb2a2332fc9cad5012d0df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=31205
content-disposition: inline; filename="dk_tk-20211226083815.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:18:09 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bd8374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 khung_text-20211226083815.png
w.ladicdn.com/s850x400/61416d65d1330500bc1e1272/ 5 KB
5 KB 50ms
48ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x400/61416d65d1330500bc1e1272/khung_text-20211226083815.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fe227b170d6412c17b874f3f9a2679f56c6a6b037afca58193a52ef43069f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=7598
content-disposition: inline; filename="khung_text-20211226083815.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:18:09 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bdc374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 ytb-20211226084656.png
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ 6 KB
6 KB 51ms
48ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ytb-20211226084656.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9661783b0c2a585ba734f3cdbf8e40821c3459dcb98d9f895278a8aa132412a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=8963
content-disposition: inline; filename="ytb-20211226084656.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 08:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 26 Dec 2022 08:57:36 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be1374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 tl-20211226084656.png
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ 6 KB
7 KB 51ms
49ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/tl-20211226084656.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3a33f1406291cbe0b8b52bc776c8d6280224d3389ba6e37e03b6a4c4223f6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=9742
content-disposition: inline; filename="tl-20211226084656.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 08:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 26 Dec 2022 08:57:36 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be3374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 fb-20211226084656.png
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ 5 KB
5 KB 52ms
49ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/fb-20211226084656.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c340096d76ec6c18164316f700e9ac93c35eee836a0652faacc0dd1cbf00a500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=8046
content-disposition: inline; filename="fb-20211226084656.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 08:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 26 Dec 2022 08:57:36 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be4374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 zl-20211226084656.png
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ 7 KB
7 KB 51ms
49ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/zl-20211226084656.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e210f706fc4e69202b04622877c953303a2beb94aa3754b9e85b4d93e230c689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=9662
content-disposition: inline; filename="zl-20211226084656.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 08:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 26 Dec 2022 08:57:36 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be6374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 btn_dang-ky-ngay-20211226083814.png
w.ladicdn.com/s293x68/61416d65d1330500bc1e1272/ 22 KB
23 KB 52ms
50ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s293x68/61416d65d1330500bc1e1272/btn_dang-ky-ngay-20211226083814.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473b66c9e5aaeeb5cdd3774e7dac05d8777fcc50a6505ad54e88e564f008d04c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=40239
content-disposition: inline; filename="btn_dang-ky-ngay-20211226083814.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 08:57:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 26 Dec 2022 08:57:36 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be7374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 touch-20211020031357.png
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ 2 KB
2 KB 51ms
49ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/touch-20211020031357.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6796fccf930f4c9a7eca09400b19eca2163b080d0d7f976c65fbbc5e2fc0ccf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 19311
cf-polished: origFmt=png, origSize=2643
content-disposition: inline; filename="touch-20211020031357.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 16 Nov 2021 06:09:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 16 Nov 2022 06:09:47 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3be8374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 mobile_km2-20211226090557.png
w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/ 158 KB
158 KB 52ms
50ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/mobile_km2-20211226090557.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ea47c1a1fd2c0cf4d068c6cd7c8083cf3027256272e6ce419f93b239003054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=232913
content-disposition: inline; filename="mobile_km2-20211226090557.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:33:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:33:08 GMT
access-control-allow-credentials: true
cf-ray: 6c91153b3be9374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 mobile_km3-20211226090557.png
w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/ 131 KB
131 KB 51ms
49ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/mobile_km3-20211226090557.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ec094bc4509ec943954502f1afde2520516c99346d3def4022bab1a54dd4c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=199215
content-disposition: inline; filename="mobile_km3-20211226090557.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:37:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:37:23 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3bea374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 mobile_km1-20211226090557.png
w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/ 154 KB
154 KB 51ms
50ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x550/61416d65d1330500bc1e1272/mobile_km1-20211226090557.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5297ce07833c88a6c82a4d95009d94834e638c9ce12e13094b27a39546ab3f35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=230331
content-disposition: inline; filename="mobile_km1-20211226090557.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:37:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:37:23 GMT
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c91153b3beb374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2aa365d928199d95cd5339381efefb336e7c7d62188ab434f1ed2035578e686

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 text-20211226083815.png
w.ladicdn.com/s850x500/61416d65d1330500bc1e1272/ 66 KB
66 KB 51ms
50ms Image
image/webp 2606:4700::6812:d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x500/61416d65d1330500bc1e1272/text-20211226083815.png
Requested by: Host: www.bf9.net
URL: https://www.bf9.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59cb3bcf83b4f1f0b69ca84159cc22f3e38ba3202f1e263691c12fec25f3105d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bf9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
vary: Accept
cf-cache-status: HIT
age: 829721
cf-polished: origFmt=png, origSize=83018
content-disposition: inline; filename="text-20211226083815.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Dec 2021 08:22:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 27 Dec 2022 08:22:31 GMT
access-control-allow-credentials: true
cf-ray: 6c91153b3bec374c-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cf-bgj: imgq:100,h2pri

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bf9.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 472875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 31 KB
31 KB 39ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bf9.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 04:45:57 GMT
x-content-type-options: nosniff
age: 505640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31272
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 04:45:57 GMT

OPTIONS
H2 200 event
a.ladipage.com/ 0
0 570ms
177ms Preflight
application/json 52.77.22.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.22.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-22-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Origin: https://www.bf9.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 06 Jan 2022 01:13:17 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 182ms
181ms XHR
text/plain 52.77.22.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1640164822455

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.22.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-22-111.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: eb5bb36f-c098-4fd4-4295-e368b29b9f46
LADI_CAMP_ORIGIN_URL
LADI_CAMP_ID
Accept-Language: de-DE,de;q=0.9
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
LADI_FORM_SUBMIT: 0
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://www.bf9.net/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Thu, 06 Jan 2022 01:13:18 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 14 KB
14 KB 57ms
26ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f15a96cccf7336dc4e930d84c395a235bc4536b6d47b69305680f426a51552df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bf9.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 04:44:24 GMT
x-content-type-options: nosniff
age: 505733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14020
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 04:44:24 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bf9.net/	1970-01-23 15:33:11	Name: LADI_DNS_CHECK Value: "2022-01-06 01:13:17.046314866 +0000 UTC m=+60091.900673030"
www.bf9.net/	1970-01-23 15:33:11	Name: LADI_CLIENT_ID Value: eb5bb36f-c098-4fd4-4295-e368b29b9f46
www.bf9.net/	1970-01-23 15:33:11	Name: LADI_FORM_SUBMIT Value: 0
www.bf9.net/	1970-01-23 15:33:11	Name: LADI_PAGE_VIEW Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://oempr.com/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
fonts.googleapis.com
fonts.gstatic.com
oempr.com
w.ladicdn.com
www.bf9.net
107.178.181.110
13.250.255.10
2606:4700::6812:d44
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
52.77.22.111
2acf9c17818ec4e367ce8860e69d3efa7f955f60e9cb2a2332fc9cad5012d0df
44ea47c1a1fd2c0cf4d068c6cd7c8083cf3027256272e6ce419f93b239003054
473b66c9e5aaeeb5cdd3774e7dac05d8777fcc50a6505ad54e88e564f008d04c
4c2eeecb7f0a219ae16e14d5fce4b055730d237952ab8230127e9d6368e89794
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
5297ce07833c88a6c82a4d95009d94834e638c9ce12e13094b27a39546ab3f35
59cb3bcf83b4f1f0b69ca84159cc22f3e38ba3202f1e263691c12fec25f3105d
610c3e3209f5521861a818af33bcb1f19b88b1d50a4cd54745ef763897c9ef38
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
6796fccf930f4c9a7eca09400b19eca2163b080d0d7f976c65fbbc5e2fc0ccf9
7f3a33f1406291cbe0b8b52bc776c8d6280224d3389ba6e37e03b6a4c4223f6d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
935291682f06fa385e56f9817d16035198f3747661d48278afcd3935d6865b79
95d6e978512e78cf6a3dfeae579fb360fe3ca3478f50619fbf6c84c0272fd01d
9661783b0c2a585ba734f3cdbf8e40821c3459dcb98d9f895278a8aa132412a2
b8fe227b170d6412c17b874f3f9a2679f56c6a6b037afca58193a52ef43069f9
c340096d76ec6c18164316f700e9ac93c35eee836a0652faacc0dd1cbf00a500
cfcf5f3e1d39aa00fa47db942813f0efcdab76ac1ef586e0b9248c4a5032f338
d7e030ac872931462f4c0cb5392bc09a0c5b1ad6130c8486322fcec5cb9035aa
e210f706fc4e69202b04622877c953303a2beb94aa3754b9e85b4d93e230c689
e2aa365d928199d95cd5339381efefb336e7c7d62188ab434f1ed2035578e686
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e3ec094bc4509ec943954502f1afde2520516c99346d3def4022bab1a54dd4c9
f15a96cccf7336dc4e930d84c395a235bc4536b6d47b69305680f426a51552df

www.bf9.net Open in urlscan Pro 13.250.255.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

2219 kBTransfer

2568 kBSize

4 Cookies

5 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

www.bf9.net Open in urlscan Pro
13.250.255.10 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

2219 kB
Transfer

2568 kB
Size

4
Cookies

24 HTTP transactions
1 data transactions