au.bfn.today Open in urlscan Pro
2a01:4f8:10a:2e93::2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.bfn.today/
Submission Tags: krdprod
Submission: On August 05 via api (August 5th 2021, 4:29:22 am UTC) from JP

Summary HTTP 134 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 23 domains to perform 134 HTTP transactions. The main IP is 2a01:4f8:10a:2e93::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is au.bfn.today.
TLS certificate: Issued by R3 on August 4th 2021. Valid for: 3 months.

This is the only time au.bfn.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
54	2a01:4f8:10a:... 2a01:4f8:10a:2e93::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	13.71.123.138 13.71.123.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.18.232.124 2.18.232.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1 2	80.239.201.61 80.239.201.61	1299 (TELIANET ...) (TELIANET Telia Carrier)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
134	28

54 2a01:4f8:10a:2e93::2 (Germany)

ASN24940 (HETZNER-AS, DE)

au.bfn.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.71.123.138 (Chennai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.devdiscourse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-124.deploy.static.akamaitechnologies.com

live-production.wcms.abc-cdn.net.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az705044.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.61 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-61.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	bfn.today au.bfn.today	1 MB
31	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	461 KB
12	doubleclick.net googleads.g.doubleclick.net	73 KB
6	yandex.ru 3 redirects mc.yandex.ru	3 KB
4	google.com 2 redirects adservice.google.com www.google.com	811 B
3	gstatic.com fonts.gstatic.com	55 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	facebook.com www.facebook.com	449 B
3	google-analytics.com www.google-analytics.com	19 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	webvisor.org 1 redirects mc.webvisor.org	712 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.net connect.facebook.net	98 KB
2	abc-cdn.net.au live-production.wcms.abc-cdn.net.au	237 KB
2	googletagmanager.com www.googletagmanager.com	74 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	258 B
1	jsdelivr.net cdn.jsdelivr.net	54 KB
1	msecnd.net az705044.vo.msecnd.net	40 KB
1	devdiscourse.com www.devdiscourse.com	146 KB
1	addtoany.com static.addtoany.com	29 KB
1	fontawesome.com use.fontawesome.com	238 KB
134	23

	Domain	Requested by
54	au.bfn.today	au.bfn.today
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com au.bfn.today pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	pagead2.googlesyndication.com	au.bfn.today pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	mc.yandex.ru	3 redirects au.bfn.today
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.facebook.com	au.bfn.today connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.webvisor.org	1 redirects au.bfn.today
2	counter.yadro.ru	1 redirects au.bfn.today
2	connect.facebook.net	au.bfn.today connect.facebook.net
2	platform.twitter.com	au.bfn.today platform.twitter.com
2	live-production.wcms.abc-cdn.net.au	au.bfn.today
2	www.googletagmanager.com	au.bfn.today
1	fonts.googleapis.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	cdn.jsdelivr.net	au.bfn.today
1	az705044.vo.msecnd.net	au.bfn.today
1	www.devdiscourse.com	au.bfn.today
1	static.addtoany.com	au.bfn.today
1	use.fontawesome.com	au.bfn.today
1	ajax.googleapis.com	au.bfn.today
134	27

This site contains links to these domains. Also see Links.

Domain
ar.bfn.today
at.bfn.today
br.bfn.today
ca.bfn.today
deutschland.bfn.today
ie.bfn.today
it.bfn.today
my.bfn.today
mx.bfn.today
nz.bfn.today
pl.bfn.today
ru.bfn.today
za.bfn.today
ua.bfn.today
bfn.today
www.addtoany.com
www.devdiscourse.com
live-production.wcms.abc-cdn.net.au
az705044.vo.msecnd.net
www.liveinternet.ru

Subject Issuer	Validity	Valid
bfn.today R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.devdiscourse.com Go Daddy Secure Certificate Authority - G2	`2020-02-08` - `2022-02-08`	2 years	crt.sh
abc.net.au DigiCert SHA2 Secure Server CA	`2021-07-09` - `2022-07-13`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
counter.yadro.ru R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
mc.webvisor.com Yandex CA	`2021-03-11` - `2021-09-02`	6 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://au.bfn.today/
Frame ID: 78AC38562AD8B50DB63441B0962D4E58
Requests: 87 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460
Frame ID: F015E69BACA1C2EBE424C9D9CBA4A200
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today
Frame ID: 79737A0EA6A69FDCB0EAE4B7D3D8BE87
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210802/r20190131/zrt_lookup.html
Frame ID: A72E2413AFDB62C4D52A5B847B0F96D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628137740&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740743&bpp=3&bdt=996&idt=59&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5088455953883&frm=20&pv=2&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
Frame ID: 85C8958772F82D8E5E796EDA89F34E75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740746&bpp=2&bdt=998&idt=81&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nZwtpqmejd&p=https%3A//au.bfn.today&dtd=87
Frame ID: E18C73456E1387B1B3FA8219486CBBD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98
Frame ID: 90F7D20B8358FD99C8B1DD38E8343224
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120
Frame ID: A4299980CA9AAB16E5A48BDFE7FE2333
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html
Frame ID: 647ABEC15A97B2F0D53B45364A957A97
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FF8F30080C260CECA9D85ACD4B0E677E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html
Frame ID: 1C30D223404B32B7F6FD6B8385EC79A6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 630F5473E85F21EFAD13E0B17F97FF4E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 95962CD5D50B35126F6C2ECEF126A4AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BED18B9967FB444304FFE35CF156D592
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

134
Requests

100 %
HTTPS

78 %
IPv6

23
Domains

27
Subdomains

28
IPs

5
Countries

3166 kB
Transfer

5657 kB
Size

14
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://ar.bfn.today/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://at.bfn.today/
Title: Austria

Search URL Search Domain Scan URL

URL: https://br.bfn.today/
Title: Brazil

Search URL Search Domain Scan URL

URL: https://ca.bfn.today/
Title: Canada

Search URL Search Domain Scan URL

URL: https://deutschland.bfn.today/
Title: Germany

Search URL Search Domain Scan URL

URL: https://ie.bfn.today/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://it.bfn.today/
Title: Italy

Search URL Search Domain Scan URL

URL: https://my.bfn.today/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://mx.bfn.today/
Title: Mexico

Search URL Search Domain Scan URL

URL: https://nz.bfn.today/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://pl.bfn.today/
Title: Poland

Search URL Search Domain Scan URL

URL: https://ru.bfn.today/
Title: Russian Federation

Search URL Search Domain Scan URL

URL: https://za.bfn.today/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://ua.bfn.today/
Title: Ukraine

Search URL Search Domain Scan URL

URL: https://bfn.today/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fbrian-henderson-st_33915%2Fnews%2Flegendary-broadcaster-brian-henderson-has-died-aged-89-sn_2416562%2F&title=Legendary%20broadcaster%20Brian%20Henderson%20has%20died%20aged%2089
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fspc-st_307159%2Fnews%2Fspc-to-ban-unvaccinated-workers-from-sites-sn_2416560%2F&title=SPC%20to%20ban%20unvaccinated%20workers%20from%20sites
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Flatvia-st_307170%2Fnews%2Fbeach-volleyballers-win-shot-at-gold-wu-through-to-dive-final-sn_2416557%2F&title=Beach%20volleyballers%20win%20shot%20at%20gold%3B%20Wu%20through%20to%20dive%20final
Title:

Search URL Search Domain Scan URL

URL: https://www.devdiscourse.com/images/sports/olympic-4.jpg?width=920&format=jpeg
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2F10m-platform-olympics-st_307172%2Fimages%2Folympics-diving-chinese-teens-secure-top-two-spots-in-womens-10m-platform-qual-sn_2416556%2F&title=Olympics-Diving-Chinese%20teens%20secure%20top%20two%20spots%20in%20women%27s%2010m%20platform%20qualifier%20%7C%20Sports-Games
Title:

Search URL Search Domain Scan URL

URL: https://live-production.wcms.abc-cdn.net.au/f782b3317e9326a59cb567c6407510da?impolicy=wcms_crop_resize&cropH=576&cropW=1024&xPos=0&yPos=50&width=862&height=485
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fnewcastle-st_28077%2Fimages%2Fnewcastles-muslim-community-flags-group-of-greater-sydney-covid-19-breachers-sn_2416554%2F&title=Newcastle%27s%20Muslim%20community%20flags%20group%20of%20Greater%20Sydney%20COVID-19%20breachers%20-%20ABC%20News
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2F10m-platform-olympics-st_307172%2Fnews%2Folympics-diving-chinese-teens-secure-top-two-spots-in-womens-10m-platform-quali-sn_2416540%2F&title=Olympics-Diving-Chinese%20teens%20secure%20top%20two%20spots%20in%20women%27s%2010m%20platform%20qualifier
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Frafael-nadal-st_9373%2Fnews%2Frafael-nadal-sees-off-sock-in-washington-thriller-sn_2416539%2F&title=Rafael%20Nadal%20Sees%20Off%20Sock%20In%20Washington%20Thriller
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Frafael-nadal-st_9373%2Fnews%2Frafael-nadal-shakes-off-rust-outlasts-jack-sock-at-citi-open-in-first-match-in-sn_2416537%2F&title=Rafael%20Nadal%20shakes%20off%20rust%2C%20outlasts%20Jack%20Sock%20at%20Citi%20Open%20in%20first%20match%20in%20nearly%20two%20months
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fallyson-felix-st_307157%2Fnews%2Fallyson-felix-advances-to-400-meter-olympic-final-with-her-fastest-run-as-a-mom-sn_2416535%2F&title=Allyson%20Felix%20Advances%20to%20400-Meter%20Olympic%20Final%20With%20Her%20Fastest%20Run%20As%20a%20Mom
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fnewcastle-st_28077%2Fnews%2Fnewcastles-muslim-community-flags-group-of-greater-sydney-covid-19-breachers-sn_2416533%2F&title=Newcastle%27s%20Muslim%20community%20flags%20group%20of%20Greater%20Sydney%20COVID-19%20breachers
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fspc-st_307159%2Fnews%2Fspc-to-ban-unvaccinated-workers-from-sites-sn_2416529%2F&title=SPC%20to%20ban%20unvaccinated%20workers%20from%20sites
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Frihanna-st_47718%2Fnews%2Frihanna-now-officially-a-billionaire-sn_2416522%2F&title=Rihanna%20now%20officially%20a%20billionaire
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Flatvia-st_307170%2Fnews%2Ftokyo-olympics-live-updates-mens-park-skateboarding-gets-underway-with-austral-sn_2416515%2F&title=Tokyo%20Olympics%20live%20updates%3A%20Men%27s%20park%20skateboarding%20gets%20underway%20with%20Australian%20men%20in%20the%20mix
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fchelsea-st_25649%2Fnews%2Ftuchel-speaks-about-chelsea-move-for-fantastic-lukaku-sn_2416507%2F&title=Tuchel%20speaks%20about%20Chelsea%20move%20for%20%27fantastic%27%20Lukaku
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fpeter-bol-st_304915%2Fnews%2Fgold-medallist-salutes-the-australian-guy-as-peter-bol-captures-hearts-in-toky-sn_2416483%2F&title=Gold%20medallist%20salutes%20%26lsquo%3Bthe%20Australian%20guy%26rsquo%3B%20as%20Peter%20Bol%20captures%20hearts%20in%20Tokyo
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fchelsea-vs-tottenham-st_119474%2Fnews%2Fchelsea-vs-tottenham-hotspur-friendly-live-blog-highlights-sn_2416481%2F&title=Chelsea%20vs.%20Tottenham%20Hotspur%2C%20Friendly%3A%20Live%20blog%3B%20highlights
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fpayroll-st_11763%2Fnews%2Faustralia-weekly-jobs-data-jobs-down-again-sn_2416469%2F&title=Australia%20weekly%20jobs%20data%20-%20jobs%20down%20again
Title:

Search URL Search Domain Scan URL

URL: https://live-production.wcms.abc-cdn.net.au/389b612378e41f0523094b7e7737ce24?impolicy=wcms_crop_resize&cropH=821&cropW=1460&xPos=0&yPos=15&width=862&height=485
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fvictoria-st_8733%2Fimages%2Fvenues-in-altona-north-spotswood-newport-caroline-springs-added-to-list-of-e-sn_2416466%2F&title=Venues%20in%20Altona%20North%2C%20Spotswood%2C%20Newport%2C%20Caroline%20Springs%20added%20to%20list%20of%20exposure%20sites%20-%20ABC%20News
Title:

Search URL Search Domain Scan URL

URL: https://az705044.vo.msecnd.net/20210805/australia-jobs-05-august-2021.png
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fpayroll-st_11763%2Fimages%2Faustralia-weekly-jobs-data-jobs-down-again-sn_2416463%2F&title=Australia%20weekly%20jobs%20data%20-%20jobs%20down%20again
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fau.bfn.today%2Fwestern-australia-st_9990%2Fnews%2Fwa-miners-close-contacts-test-negative-sn_2416460%2F&title=WA%20miner%27s%20close%20contacts%20test%20negative
Title:

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20real%20time;0.5268614084402661 HTTP 302
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20real%20time;0.5268614084402661

Request Chain 72

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A450799351257%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A145027000%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Ati%3A2%3Ast%3A1628137740 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A450799351257%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A145027000%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Ati%3A2%3Ast%3A1628137740

Request Chain 73

https://mc.yandex.ru/watch/48716129?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A759044664317%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A118936038%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628137740%3At%3ABFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time HTTP 302
https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A759044664317%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A118936038%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628137740%3At%3ABFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time

Request Chain 77

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9355.2hRa5qcWpvTJw3IqzcdmFfArl6jP7XI3PmUU3xnNcvCm1_jbtG2exaR16JOD4d_n.KrPVN9V1WEVbMmTuNMYu4-6S0WU%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9355._jpLbQ1qkgRvtepgrhrfY4zkOlxNEtasGOuuNPr_TXOA9imZGMbXN-mTH17gWOTzC48HOjwyrOW4LgbVAWPsW4UAOJKJQb5NMXRDI6PcUts%2C.eQdHOxL6Etge4Rjr2tu3VNyKXuw%2C

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

134 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
au.bfn.today/ 72 KB
11 KB 15ms
11ms Document
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 2b1b02751d746a508ccfbc163c4d5a489196ca21bccc226d5a121db39034e4b5

Request headers

:method: GET
:authority: au.bfn.today
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.14.2
date: Thu, 05 Aug 2021 04:28:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; path=/ ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140; expires=Sat, 04-Sep-2021 04:28:59 GMT; Max-Age=2592000; path=/
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 adaptive.css
au.bfn.today/min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/ 48 KB
10 KB 5ms
4ms Stylesheet
text/css 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/adaptive.css?v=1.21
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 34aaf1f9c3b29aaa608bb9853159d7bb587833207a8b2ef32ec9740720d18370

Request headers

:path: /min/f=design/plugins/fancybox-master/dist/jquery.fancybox.min.css,design/css/smartbanner.css,design/primary/css/index.css,design/primary/css/adaptive.css?v=1.21
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 13:24:48 GMT
server: nginx/1.14.2
x-powered-by: PHP/5.6.40
etag: "pub1627997088;gz"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2419200
content-length: 10329
expires: Thu, 02 Sep 2021 04:28:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 04:03:42 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.6/js/ 657 KB
238 KB 117ms
36ms Script
application/javascript 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.6/js/all.js
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2535692
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XT8BZ5JZ20HTBG98
x-amz-id-2: V9jcuDY4CMm7hkP3yTilaVh2gS3kzIeyD6St0/dh9cou5+oYWlp4Wt1coeyrD8Z+dNmGGdfmrKc=
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
server: cloudflare
etag: W/"44f077b456f3decb0d1b00769927c002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D37CczgDKlyUW1RGwmmT9Uz07gZ%2FSfJHOYe5wGryBvW%2FucpOLrQ9dxSf7dBJtUjbZ96KWgPFpIql1vxwkG7uxxNnZPxHlTfSt%2B4dfmqzfUaXEwK6SK73wIUKm%2F9rX0bKVIgGUG1Rg%2F8ZRQW54WyxjTkV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 679d482a3af8c286-FRA

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
29 KB 35ms
20ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78331
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 679d48298e9642d5-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 61ms
47ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135917903-1

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36603d1caae060bf66b1ce39776f6b08f4c7ae06ec8edcdf816e98e6cc19ada7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40733
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Aug 2021 04:28:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 915ms
901ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50e01844cb356922d2751fe9c1b6c04d49ef19aea159cb843823f077a5376d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49379
x-xss-protection: 0
server: cafe
etag: 13186439114546987787
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 04:29:00 GMT

GET
H2 200 logo.png
au.bfn.today/design/primary/img/ 12 KB
12 KB 15ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/primary/img/logo.png?v=1.01
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 41d7baf8ed24373755b92ec963767a6b46da0d71671b0a008e7c264c7c0ca265

Request headers

:path: /design/primary/img/logo.png?v=1.01
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Mon, 01 Jul 2019 10:48:30 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5d19e4fe-2ffa"
content-length: 12282
content-type: image/png

GET
H2 200 logo_small.png
au.bfn.today/design/primary/img/ 4 KB
4 KB 15ms
1ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/primary/img/logo_small.png?v=1.02
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 152d98216f03e242b7e3a04fff301993bc1641f45047bd60ada846310373d6dd

Request headers

:path: /design/primary/img/logo_small.png?v=1.02
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:17:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa8ac-f3f"
content-length: 3903
content-type: image/png

GET
H2 200 au.png
au.bfn.today/design/img/flags/ 633 B
758 B 15ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/au.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 986c1cdc1621183a0f1c82ba9f28e1625c4650c63cb1715aa82faad5d0f11957

Request headers

:path: /design/img/flags/au.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:15:50 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa866-279"
content-length: 633
content-type: image/png

GET
H2 200 ar.png
au.bfn.today/design/img/flags/ 420 B
545 B 16ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ar.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 23fabbf12a75744e81831d0bfe19afa8c0abde9aa18b881e6ded90dd94b4cd91

Request headers

:path: /design/img/flags/ar.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:15:49 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa865-1a4"
content-length: 420
content-type: image/png

GET
H2 200 at.png
au.bfn.today/design/img/flags/ 343 B
468 B 16ms
2ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/at.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: fa008bc0375ff599d5a494903c009636b9f8d7db73a2688a505306796ffcaed4

Request headers

:path: /design/img/flags/at.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:15:50 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa866-157"
content-length: 343
content-type: image/png

GET
H2 200 br.png
au.bfn.today/design/img/flags/ 539 B
664 B 16ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/br.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b239fa444a062244fb154dae154e0ab8f00aa4809fade475335b5fd3abe1457c

Request headers

:path: /design/img/flags/br.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:15:54 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa86a-21b"
content-length: 539
content-type: image/png

GET
H2 200 ca.png
au.bfn.today/design/img/flags/ 524 B
649 B 16ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ca.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d20ce04cb4a88574b9142b5b6676c88f2344e1db5f101ae05e7fec0ed339af80

Request headers

:path: /design/img/flags/ca.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:15:55 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa86b-20c"
content-length: 524
content-type: image/png

GET
H2 200 de.png
au.bfn.today/design/img/flags/ 417 B
542 B 16ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/de.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 314ba53857ebd5ba7c33e631ca9eb4b88edb98c655ddffae974f8d5fbc8b4eda

Request headers

:path: /design/img/flags/de.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:00 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa870-1a1"
content-length: 417
content-type: image/png

GET
H2 200 ie.png
au.bfn.today/design/img/flags/ 386 B
511 B 16ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ie.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a1a72cd21503126ff0e4b3106fb66e5b5d33eaa83a7780da687405f12768031f

Request headers

:path: /design/img/flags/ie.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:11 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa87b-182"
content-length: 386
content-type: image/png

GET
H2 200 it.png
au.bfn.today/design/img/flags/ 420 B
545 B 16ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/it.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Request headers

:path: /design/img/flags/it.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:13 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa87d-1a4"
content-length: 420
content-type: image/png

GET
H2 200 my.png
au.bfn.today/design/img/flags/ 517 B
642 B 16ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/my.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6b2c347351c3b51bdc6136d1cf11764413ef2fe2529d2d82a3da55c9ceb1cf76

Request headers

:path: /design/img/flags/my.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa887-205"
content-length: 517
content-type: image/png

GET
H2 200 mx.png
au.bfn.today/design/img/flags/ 477 B
602 B 16ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/mx.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c710d436ff0d2b5ce5afb63dd23a3c4cdad16ef808a2e6ea96f922aa47f6d840

Request headers

:path: /design/img/flags/mx.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:23 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa887-1dd"
content-length: 477
content-type: image/png

GET
H2 200 nz.png
au.bfn.today/design/img/flags/ 582 B
707 B 58ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/nz.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4582bebc2e153edb91f7dc17790b7edb55c7a5a6457e47acb8a940b473197718

Request headers

:path: /design/img/flags/nz.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:26 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88a-246"
content-length: 582
content-type: image/png

GET
H2 200 pl.png
au.bfn.today/design/img/flags/ 374 B
499 B 58ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/pl.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f

Request headers

:path: /design/img/flags/pl.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:28 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88c-176"
content-length: 374
content-type: image/png

GET
H2 200 ru.png
au.bfn.today/design/img/flags/ 352 B
477 B 58ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ru.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2064d56b4bb858338851fa77654ad7e9cff3086086891ba607b256e723da96c2

Request headers

:path: /design/img/flags/ru.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:31 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa88f-160"
content-length: 352
content-type: image/png

GET
H2 200 za.png
au.bfn.today/design/img/flags/ 576 B
701 B 60ms
0ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/za.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8f30f9a1e6dc9fa20f73abab7a32bf933d7e8aa11d80fe872d8c1ce042e01347

Request headers

:path: /design/img/flags/za.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:44 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa89c-240"
content-length: 576
content-type: image/png

GET
H2 200 ua.png
au.bfn.today/design/img/flags/ 357 B
482 B 62ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/ua.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2988b24317a2d539b101e387e65d3732d9e22c0c84804e974fcf972c2a23823e

Request headers

:path: /design/img/flags/ua.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:40 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa898-165"
content-length: 357
content-type: image/png

GET
H2 200 gb.png
au.bfn.today/design/img/flags/ 582 B
707 B 63ms
3ms Image
image/png 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/design/img/flags/gb.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0db4c24b216c9d565a156d1918b904c540e7773867869dcd1c02fa08c627f399

Request headers

:path: /design/img/flags/gb.png
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 14 Mar 2019 19:16:06 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "5c8aa876-246"
content-length: 582
content-type: image/png

GET
H2 200 2416562-legendary-broadcaster-brian-henderson-has-died-aged-89.jpg
au.bfn.today/uploads/news/24/2416/5/ 79 KB
79 KB 63ms
3ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416562-legendary-broadcaster-brian-henderson-has-died-aged-89.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c66f00240c3f139904c675cd57304a11a7d020bdb061d77fbd81cc92df47caa7

Request headers

:path: /uploads/news/24/2416/5/2416562-legendary-broadcaster-brian-henderson-has-died-aged-89.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:25:04 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6820-13c9e"
content-length: 81054
content-type: image/jpeg

GET
H2 200 2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
au.bfn.today/uploads/news/24/2416/5/ 48 KB
49 KB 65ms
6ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 590f4572f26bece4653d7aa7cd6e6e9f9708926b1b369c455e5c74c57b429f13

Request headers

:path: /uploads/news/24/2416/5/2416560-spc-to-ban-unvaccinated-workers-from-sites.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:20:06 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b66f6-c1a0"
content-length: 49568
content-type: image/jpeg

GET
H2 200 olympic-4.jpg
www.devdiscourse.com/images/sports/ 145 KB
146 KB 587ms
195ms Image
image/jpeg 13.71.123.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.devdiscourse.com/images/sports/olympic-4.jpg?width=920&format=jpeg

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.71.123.138 Chennai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b8f5171159d3eda62a02342ca90b70efdc34294717a64ce4266a0517354c5893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Tue, 29 Dec 2020 15:59:08 GMT
server: Microsoft-IIS/10.0
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "f8bf9a8afbddd61:0"
vary: Accept-Encoding,Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=604800
date: Thu, 05 Aug 2021 04:28:59 GMT
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 148718
expires: Thu, 12 Aug 2021 04:29:00 GMT

GET
H2 200 f782b3317e9326a59cb567c6407510da
live-production.wcms.abc-cdn.net.au/ 115 KB
116 KB 182ms
52ms Image
image/webp 2.18.232.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-production.wcms.abc-cdn.net.au/f782b3317e9326a59cb567c6407510da?impolicy=wcms_crop_resize&cropH=576&cropW=1024&xPos=0&yPos=50&width=862&height=485
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-124.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 76b56dc6eb7a344521f48962509b025b277c74a1b031e35e76ed5ec4628670e4

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 02:23:37 GMT
server: Akamai Image Manager
etag: "f782b3317e9326a59cb567c6407510da"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 117936
expires: Thu, 05 Aug 2021 16:28:59 GMT

GET
H2 200 2416540-olympics-diving-chinese-teens-secure-top-two-spots-in-womens-10m-platform-quali.jpg
au.bfn.today/uploads/news/24/2416/5/ 44 KB
44 KB 65ms
6ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416540-olympics-diving-chinese-teens-secure-top-two-spots-in-womens-10m-platform-quali.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 43b59e48e36163c2370ef7eb16bc52590b74c7929f9f21a5035f8ac573cac7b9

Request headers

:path: /uploads/news/24/2416/5/2416540-olympics-diving-chinese-teens-secure-top-two-spots-in-womens-10m-platform-quali.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:44 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b626c-aef7"
content-length: 44791
content-type: image/jpeg

GET
H2 200 2416537-rafael-nadal-shakes-off-rust-outlasts-jack-sock-at-citi-open-in-first-match-in.jpg
au.bfn.today/uploads/news/24/2416/5/ 123 KB
124 KB 65ms
6ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416537-rafael-nadal-shakes-off-rust-outlasts-jack-sock-at-citi-open-in-first-match-in.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 35019627aa01510c0713f95985e85eef6633c3d7ac3a3c18db943fc1c323dd13

Request headers

:path: /uploads/news/24/2416/5/2416537-rafael-nadal-shakes-off-rust-outlasts-jack-sock-at-citi-open-in-first-match-in.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:41 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6269-1ede7"
content-length: 126439
content-type: image/jpeg

GET
H2 200 2416535-allyson-felix-advances-to-400-meter-olympic-final-with-her-fastest-run-as-a-mom.jpg
au.bfn.today/uploads/news/24/2416/5/ 192 KB
193 KB 65ms
6ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416535-allyson-felix-advances-to-400-meter-olympic-final-with-her-fastest-run-as-a-mom.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 9e28afc208c17a10bce095e50ff2ccc1264adb423658dc10678311dc0704a46d

Request headers

:path: /uploads/news/24/2416/5/2416535-allyson-felix-advances-to-400-meter-olympic-final-with-her-fastest-run-as-a-mom.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:39 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6267-300d8"
content-length: 196824
content-type: image/jpeg

GET
H2 200 2416533-newcastles-muslim-community-flags-group-of-greater-sydney-covid-19-breachers.jpg
au.bfn.today/uploads/news/24/2416/5/ 129 KB
130 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416533-newcastles-muslim-community-flags-group-of-greater-sydney-covid-19-breachers.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4cc402cbfe4f3a7e9a2cfba9b81866a6b46ee9579b6d551fb8e55871891bc891

Request headers

:path: /uploads/news/24/2416/5/2416533-newcastles-muslim-community-flags-group-of-greater-sydney-covid-19-breachers.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:36 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6264-2058f"
content-length: 132495
content-type: image/jpeg

GET
H2 200 2416529-spc-to-ban-unvaccinated-workers-from-sites.jpg
au.bfn.today/uploads/news/24/2416/5/ 70 KB
71 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416529-spc-to-ban-unvaccinated-workers-from-sites.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 99fae47cfb5ee87c16ced4c717a82bdce966693903e39df5054bd3216f69efb1

Request headers

:path: /uploads/news/24/2416/5/2416529-spc-to-ban-unvaccinated-workers-from-sites.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:34 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6262-1197e"
content-length: 72062
content-type: image/jpeg

GET
H2 200 2416515-tokyo-olympics-live-updates-mens-park-skateboarding-gets-underway-with-austral.jpg
au.bfn.today/uploads/news/24/2416/5/ 87 KB
87 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416515-tokyo-olympics-live-updates-mens-park-skateboarding-gets-underway-with-austral.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c4e898cc0f15486a1729f6fded9d401774c02ffbda819e6b557671b35c254c8f

Request headers

:path: /uploads/news/24/2416/5/2416515-tokyo-olympics-live-updates-mens-park-skateboarding-gets-underway-with-austral.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:28 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b625c-15cde"
content-length: 89310
content-type: image/jpeg

GET
H2 200 2416507-tuchel-speaks-about-chelsea-move-for-fantastic-lukaku.jpg
au.bfn.today/uploads/news/24/2416/5/ 53 KB
54 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/5/2416507-tuchel-speaks-about-chelsea-move-for-fantastic-lukaku.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d5ec86d35338d9bd70d59280b897b944b724bd3c52a9ef6700bd3d62707b1b65

Request headers

:path: /uploads/news/24/2416/5/2416507-tuchel-speaks-about-chelsea-move-for-fantastic-lukaku.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:25 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6259-d563"
content-length: 54627
content-type: image/jpeg

GET
H2 200 2416483-gold-medallist-salutes-the-australian-guy-as-peter-bol-captures-hearts-in-toky.jpg
au.bfn.today/uploads/news/24/2416/4/ 79 KB
79 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/4/2416483-gold-medallist-salutes-the-australian-guy-as-peter-bol-captures-hearts-in-toky.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a3b15aefdb6344c9cdebcf37c8d6051cdec6d2447ee40bf2169a3cfe43299a03

Request headers

:path: /uploads/news/24/2416/4/2416483-gold-medallist-salutes-the-australian-guy-as-peter-bol-captures-hearts-in-toky.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:13 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b624d-13b34"
content-length: 80692
content-type: image/jpeg

GET
H2 200 2416481-chelsea-vs-tottenham-hotspur-friendly-live-blog-highlights.jpg
au.bfn.today/uploads/news/24/2416/4/ 177 KB
177 KB 65ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/4/2416481-chelsea-vs-tottenham-hotspur-friendly-live-blog-highlights.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0c763b2bc141e60e71bb6a1b4368181f5c4f2886c9b9bb40856c44a165f3e795

Request headers

:path: /uploads/news/24/2416/4/2416481-chelsea-vs-tottenham-hotspur-friendly-live-blog-highlights.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:11 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b624b-2c417"
content-length: 181271
content-type: image/jpeg

GET
H2 200 2416469-australia-weekly-jobs-data-jobs-down-again.jpg
au.bfn.today/uploads/news/24/2416/4/ 39 KB
39 KB 65ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/4/2416469-australia-weekly-jobs-data-jobs-down-again.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: f2ec4e93143210272cb132828a0364b16bb89869ea543036ae79c47095b25137

Request headers

:path: /uploads/news/24/2416/4/2416469-australia-weekly-jobs-data-jobs-down-again.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:40:05 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5d95-9c38"
content-length: 39992
content-type: image/jpeg

GET
H2 200 389b612378e41f0523094b7e7737ce24
live-production.wcms.abc-cdn.net.au/ 121 KB
121 KB 232ms
104ms Image
image/webp 2.18.232.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-production.wcms.abc-cdn.net.au/389b612378e41f0523094b7e7737ce24?impolicy=wcms_crop_resize&cropH=821&cropW=1460&xPos=0&yPos=15&width=862&height=485
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-124.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: f5f90094f055409da43d1cabac5c88e726a63df72127ca35b90cdebf698cc8eb

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 01:07:40 GMT
server: Akamai Image Manager
etag: "389b612378e41f0523094b7e7737ce24"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 123586
expires: Thu, 05 Aug 2021 16:28:59 GMT

GET
H2 200 australia-jobs-05-august-2021.png
az705044.vo.msecnd.net/20210805/ 39 KB
40 KB 89ms
9ms Image
application/octet-stream 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://az705044.vo.msecnd.net/20210805/australia-jobs-05-august-2021.png
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3C) /
Resource Hash: f2ec4e93143210272cb132828a0364b16bb89869ea543036ae79c47095b25137

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 04:28:59 GMT
content-md5: tW1vERj0cUYWSJtdr1BE2w==
age: 9158
x-cache: HIT
content-length: 39992
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 05 Aug 2021 01:52:55 GMT
server: ECAcc (frc/8F3C)
etag: "0x8D957B3BE9DAD40"
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 425db904-101e-00d3-569d-8999da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 2416460-wa-miners-close-contacts-test-negative.jpg
au.bfn.today/uploads/news/24/2416/4/ 93 KB
93 KB 65ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/news/24/2416/4/2416460-wa-miners-close-contacts-test-negative.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 485a3191b9aea1d5aa26da71dfe7f706e3de071bd6292c3c11cca1a7e2fa29e1

Request headers

:path: /uploads/news/24/2416/4/2416460-wa-miners-close-contacts-test-negative.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:35:08 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5c6c-1726f"
content-length: 94831
content-type: image/jpeg

GET
H2 200 9990-western-australia.jpg
au.bfn.today/uploads/trends/0/9/9/ 5 KB
5 KB 65ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/9/9/9990-western-australia.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 81146c57577354a1f9e098a7387221251c26c6ddd2604712ebaa65d3017d8108

Request headers

:path: /uploads/trends/0/9/9/9990-western-australia.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 00:30:08 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b3110-129c"
content-length: 4764
content-type: image/jpeg

GET
H2 200 88152-summer-olympic-games.jpg
au.bfn.today/uploads/trends/0/88/1/ 6 KB
6 KB 65ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/88/1/88152-summer-olympic-games.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 08be1331828368837d829cfb3874c9a3c513f767e929c7a908bd0ad2316f538a

Request headers

:path: /uploads/trends/0/88/1/88152-summer-olympic-games.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:30:15 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5b47-196b"
content-length: 6507
content-type: image/jpeg

GET
H2 200 129559-lockdown.jpg
au.bfn.today/uploads/trends/1/129/5/ 7 KB
7 KB 65ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/129/5/129559-lockdown.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e30956db5443e6fae0f2e4df14b2057c68ebfc29653be95fbf46fc8500dc3c0e

Request headers

:path: /uploads/trends/1/129/5/129559-lockdown.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Wed, 04 Aug 2021 21:30:17 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b06e9-1aed"
content-length: 6893
content-type: image/jpeg

GET
H2 403 /
au.bfn.today/uploads/trends/0/11/7/ 310 B
310 B 71ms
10ms Image
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/11/7/
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1ed8775217b8604abd66d1952c0fdfe1142e93fcaf8dbbe60619e1ba2fc91ed2

Request headers

:path: /uploads/trends/0/11/7/
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 8733-victoria.jpg
au.bfn.today/uploads/trends/0/8/7/ 7 KB
7 KB 68ms
7ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/8/7/8733-victoria.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2466ba854fa1d4de1783d934ab7be07aa293491b3308788092cf0a9fffad5641

Request headers

:path: /uploads/trends/0/8/7/8733-victoria.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:30:05 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5b3d-1a26"
content-length: 6694
content-type: image/jpeg

GET
H2 200 8031-facebook.jpg
au.bfn.today/uploads/trends/0/8/0/ 4 KB
4 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/8/0/8031-facebook.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3c78564245638d7bc2dc98b76ac0f8c25ca52f215794b512e457dd3d1f0cbf3d

Request headers

:path: /uploads/trends/0/8/0/8031-facebook.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 01:30:20 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b3f2c-e66"
content-length: 3686
content-type: image/jpeg

GET
H2 200 307049-arlo.jpg
au.bfn.today/uploads/trends/3/307/0/ 4 KB
4 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/0/307049-arlo.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a0879a9e7ceb1babb484b1554eaf3e6741d7c2049fa4fd1ce9939a026aa3123e

Request headers

:path: /uploads/trends/3/307/0/307049-arlo.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Wed, 04 Aug 2021 20:30:17 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610af8d9-10f1"
content-length: 4337
content-type: image/jpeg

GET
H2 200 173358-red-giant.jpg
au.bfn.today/uploads/trends/1/173/3/ 4 KB
4 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/173/3/173358-red-giant.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d1dd55dddcc3783f05717fd05a1b095ac6c7c58ef9cc770c414967f0c6cea60c

Request headers

:path: /uploads/trends/1/173/3/173358-red-giant.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 02:30:18 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b4d3a-eb3"
content-length: 3763
content-type: image/jpeg

GET
H2 403 /
au.bfn.today/uploads/trends/3/307/1/ 311 B
311 B 70ms
10ms Image
text/html 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/1/
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 39dce7dce76a22ec89dc8a28bc70916666a7e9fc5f2e54fe72dab955d584adcb

Request headers

:path: /uploads/trends/3/307/1/
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 297935-lockdown-melbourne.jpg
au.bfn.today/uploads/trends/2/297/9/ 3 KB
3 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/2/297/9/297935-lockdown-melbourne.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: eb0c630e2d079b12b3396f52f102172f52a0028e54218dd3d20f4c0973dd1824

Request headers

:path: /uploads/trends/2/297/9/297935-lockdown-melbourne.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:00:12 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b543c-beb"
content-length: 3051
content-type: image/jpeg

GET
H2 200 47718-rihanna.jpg
au.bfn.today/uploads/trends/0/47/7/ 5 KB
5 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/47/7/47718-rihanna.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d4c64663dd7e1c97002e136886708f8e65349ba24575ef2898da47f34b497e74

Request headers

:path: /uploads/trends/0/47/7/47718-rihanna.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 01:30:15 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b3f27-148f"
content-length: 5263
content-type: image/jpeg

GET
H2 200 28077-newcastle.jpg
au.bfn.today/uploads/trends/0/28/0/ 4 KB
4 KB 68ms
8ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/28/0/28077-newcastle.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 52f84c927f93c7491134d30811a15b25d501951881068c78d886ac41549c996a

Request headers

:path: /uploads/trends/0/28/0/28077-newcastle.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Wed, 04 Aug 2021 21:30:13 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b06e5-e37"
content-length: 3639
content-type: image/jpeg

GET
H2 200 9373-rafael-nadal.jpg
au.bfn.today/uploads/trends/0/9/3/ 4 KB
4 KB 68ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/9/3/9373-rafael-nadal.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c7b5c9b16bae7538bf7b7651dd67ea35b8a06d2124689cc401f70030d070c321

Request headers

:path: /uploads/trends/0/9/3/9373-rafael-nadal.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:00:48 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5460-1166"
content-length: 4454
content-type: image/jpeg

GET
H2 200 152468-endodontics.jpg
au.bfn.today/uploads/trends/1/152/4/ 5 KB
5 KB 67ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/1/152/4/152468-endodontics.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 22ec7e312034b7735a13c7a4f11aaf82fab9f9d4dc4e9b06cb4c20b191da4295

Request headers

:path: /uploads/trends/1/152/4/152468-endodontics.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 01:30:12 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b3f24-150c"
content-length: 5388
content-type: image/jpeg

GET
H2 200 7756-finance.jpg
au.bfn.today/uploads/trends/0/7/7/ 6 KB
6 KB 67ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/7/7/7756-finance.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cdc74a36cc34a04506f1d7358535165d6a107cea07bec1c407d4a91949bbef9f

Request headers

:path: /uploads/trends/0/7/7/7756-finance.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 00:30:04 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b310c-16a3"
content-length: 5795
content-type: image/jpeg

GET
H2 200 90044-ghost-of-tsushima.jpg
au.bfn.today/uploads/trends/0/90/0/ 3 KB
4 KB 67ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/0/90/0/90044-ghost-of-tsushima.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 61df934345c133b0a34b6f53bff0e12db10724b53625974f21bb99e5a51aae84

Request headers

:path: /uploads/trends/0/90/0/90044-ghost-of-tsushima.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 01:30:17 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b3f29-daa"
content-length: 3498
content-type: image/jpeg

GET
H2 200 307170-latvia.jpg
au.bfn.today/uploads/trends/3/307/1/ 4 KB
4 KB 67ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/1/307170-latvia.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 26aa0477481121ebfb540cfdec83142352b5068e45b98bb7563b2b6ae3ee8adf

Request headers

:path: /uploads/trends/3/307/1/307170-latvia.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 04:00:25 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b6259-f6e"
content-length: 3950
content-type: image/jpeg

GET
H2 200 307159-spc.jpg
au.bfn.today/uploads/trends/3/307/1/ 2 KB
3 KB 67ms
9ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/1/307159-spc.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e9f4e00dc71e02bc39559293b6e91c1f54b63be2745c0b1b3b99c56b1db8f4ad

Request headers

:path: /uploads/trends/3/307/1/307159-spc.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:00:41 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5459-991"
content-length: 2449
content-type: image/jpeg

GET
H2 200 307157-allyson-felix.jpg
au.bfn.today/uploads/trends/3/307/1/ 2 KB
2 KB 67ms
10ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/1/307157-allyson-felix.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ca8fa10ef95889dc98723dc92b23995c688cc12c49c928fd486e2d1a6f24c8fc

Request headers

:path: /uploads/trends/3/307/1/307157-allyson-felix.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Thu, 05 Aug 2021 03:00:21 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b5445-967"
content-length: 2407
content-type: image/jpeg

GET
H2 200 307090-club-atltico-river-plate.jpg
au.bfn.today/uploads/trends/3/307/0/ 5 KB
5 KB 67ms
10ms Image
image/jpeg 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.bfn.today/uploads/trends/3/307/0/307090-club-atltico-river-plate.jpg
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 97d09c37799edf71ef7c57b093b407a71358a92f05bc9fab836f56c0d82db8a5

Request headers

:path: /uploads/trends/3/307/0/307090-club-atltico-river-plate.jpg
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
last-modified: Wed, 04 Aug 2021 22:30:10 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "610b14f2-132a"
content-length: 4906
content-type: image/jpeg

GET
H2 200 index.js Show response
au.bfn.today/min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-mas... 87 KB
28 KB 4ms
4ms Script
application/x-javascript 2a01:4f8:10a:2e93::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://au.bfn.today/min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-master/dist/jquery.fancybox.min.js,design/plugins/cookie-popup/src/stick-to-me.js,design/primary/js/index.js?v=1.09
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:4f8:10a:2e93::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.2 / PHP/5.6.40
Resource Hash: 2a27a5c3b2c3554687cc386063e64ad7b7eaae09018eecebbaedd325c5c9da5e

Request headers

:path: /min/f=design/js/Waterfall.js,design/js/jquery.cookie.js,design/js/jquery.base64.min.js,design/js/jquery.smartbanner.js,design/plugins/jquery.scrollTo.min.js,design/plugins/fancybox-master/dist/jquery.fancybox.min.js,design/plugins/cookie-popup/src/stick-to-me.js,design/primary/js/index.js?v=1.09
pragma: no-cache
cookie: PHPSESSID=3ac8815262daa871b9cff81407d0b970; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.bfn.today
referer: https://au.bfn.today/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 13:28:57 GMT
server: nginx/1.14.2
x-powered-by: PHP/5.6.40
etag: "pub1627997337;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=2419200
content-length: 28649
expires: Thu, 02 Sep 2021 04:28:59 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 79ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: au.bfn.today
URL: https://au.bfn.today/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 04:28:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67BA)
Age: 672
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
34 KB 76ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8BZGXP

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

238ac64ec5166170bb4f737214ec939a6de6583cf713b234dc89189e85235235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:28:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34803
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Aug 2021 04:28:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135917903-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4518
date: Thu, 05 Aug 2021 03:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 05 Aug 2021 05:13:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: qn7BWpGkVi90lsTE4o64OhlsVICfakoL6A+ZWOhWWxZjUSH/ccK+XUwCwygf+xAyHFZi98I361ZgQgyiUGOHJw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 05 Aug 2021 04:29:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame F015 0
346 B 31ms
30ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBFN-Today-AU-2239263149723466%2F&width=99&layout=button_count&action=like&size=small&show_faces=false&share=false&height=65&appId=2002365043406460
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 5jLB/6sVmx/59L6Evcw/c/ZNgfQKOY3kqmw0CuRunVBEQgojWgxygvfY3MrVBFk6TJK8IPi3SUYCZBvEk1J+dg==
content-length: 0
date: Thu, 05 Aug 2021 04:29:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=178994937&t=pageview&_s=1&dl=https%3A%2F%2Fau.bfn.today%2F&ul=en-us&de=UTF-8&dt=BFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1971213614&gjid=516846530&cid=510175085.1628137740&tid=UA-135917903-1&_gid=1752489143.1628137740&_r=1&gtm=2ou840&z=910839176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.bfn.today
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20real...
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20re...

112 B
598 B

58ms
56ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20real%20time;0.5268614084402661

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 04:29:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Tue, 04 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 04:29:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//au.bfn.today/;hBFN%20AU%20%u27A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%u27A2%20Latest%20news%20in%20real%20time;0.5268614084402661
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 04 Aug 2020 21:00:00 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 132 KB
54 KB 25ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de58b6e5c3781bde166418651ec266bb3514796a66c9da5f564e6dcd2b99d246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 32422
x-jsd-version: 1.196.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 54513
etag: W/"211bf-pSg9BbDtXbq3HUEkgExR8M4zGts"
x-served-by: cache-fra19137-FRA
x-jsd-version-type: version
date: Thu, 05 Aug 2021 04:29:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 2018959031732779 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2018959031732779?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e112992c9c8e05b9c0c86c6fb48a63017e8f448dad4a55c66e599c24afb3dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73344
x-xss-protection: 0
pragma: public
x-fb-debug: WBhjolspbV6IthDM2BH/NIJUpPfy11PA2FKZc+uESHaiQv9jdvc4p9v871GLxRE48YTA3dWZjWiIdNJnVKMa5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 05 Aug 2021 04:29:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 7973 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://au.bfn.today/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 110239
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Aug 2021 04:29:00 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

167 B
229 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A450799351257%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A145027000%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Ati%3A2%3Ast%3A1628137740

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

05e04dfe552ab41f6ae757839640db19b7e75ddd698e1f694eb1ef978ad45153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 05-Aug-2021 04:29:00 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 05-Aug-2021 04:29:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
last-modified: Thu, 05-Aug-2021 04:29:00 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A2%3Adp%3A0%3Als%3A450799351257%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A145027000%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Ati%3A2%3Ast%3A1628137740
strict-transport-security: max-age=31536000
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Aug-2021 04:29:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/48716129/
Redirect Chain

https://mc.yandex.ru/watch/48716129?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

335 B
417 B

45ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A759044664317%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A118936038%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628137740%3At%3ABFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

14e27b76c786d211d6e93bd62533dfbc500db34291d796436703258ac7c207a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 05-Aug-2021 04:29:00 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Thu, 05-Aug-2021 04:29:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
last-modified: Thu, 05-Aug-2021 04:29:00 GMT
location: /watch/48716129/1?wmode=7&page-url=https%3A%2F%2Fau.bfn.today%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbm6iwj27vyl3%3Afp%3A105%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A759044664317%3Ahid%3A676544406%3Az%3A120%3Ai%3A20210805062900%3Aet%3A1628137740%3Ac%3A1%3Arn%3A118936038%3Au%3A16281377401012043686%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628137739729%3Ads%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C375%2C1%2C%2C%2C%2C408%3Adsn%3A1%2C3%2C11%2C1%2C0%2C0%2C%2C377%2C1%2C%2C%2C%2C408%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628137740%3At%3ABFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time
strict-transport-security: max-age=31536000
access-control-allow-origin: https://au.bfn.today
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Aug-2021 04:29:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2018959031732779&ev=PageView&dl=https%3A%2F%2Fau.bfn.today%2F&rl=&if=false&ts=1628137740366&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628137740365.109423522&it=1628137740153&coo=false&rqm=GET

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 05 Aug 2021 04:29:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
289 B 104ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
last-modified: Tue, 03 Aug 2021 10:32:13 GMT
etag: "61029ac0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 05 Aug 2021 05:29:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7973 232 B
431 B 164ms
125ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cc729c09ecf84e0285ab31f2fc7f80a4430e743f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fau.bfn.today

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 04:29:00 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 22a1eb774bc8071336896110d293c66cb0fdef685c2da27f2500d4a4f38bdd5f
content-length: 166

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9355.2hRa5qcWpvTJw3IqzcdmFfArl6jP7XI3PmUU3xnNcvCm1_jbtG2exaR16JOD4d_n.KrPVN9V1WEVbMmTuNMYu4-6S0WU%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9355._jpLbQ1qkgRvtepgrhrfY4zkOlxNEtasGOuuNPr_TXOA9imZGMbXN-mTH17gWOTzC48HOjwyrOW4LgbVAWPsW4UAOJKJQb5NMXRDI6PcUts%2C.eQdHOxL6Etge4Rjr2tu3VNyKXu...

43 B
358 B

55ms
55ms

Image
image/gif

80.239.201.61
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9355._jpLbQ1qkgRvtepgrhrfY4zkOlxNEtasGOuuNPr_TXOA9imZGMbXN-mTH17gWOTzC48HOjwyrOW4LgbVAWPsW4UAOJKJQb5NMXRDI6PcUts%2C.eQdHOxL6Etge4Rjr2tu3VNyKXuw%2C

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.61 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-61.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9355._jpLbQ1qkgRvtepgrhrfY4zkOlxNEtasGOuuNPr_TXOA9imZGMbXN-mTH17gWOTzC48HOjwyrOW4LgbVAWPsW4UAOJKJQb5NMXRDI6PcUts%2C.eQdHOxL6Etge4Rjr2tu3VNyKXuw%2C
date: Thu, 05 Aug 2021 04:29:00 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/ 250 KB
93 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0470186311324088&plah=au.bfn.today

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60deabf4fc435c9659222c5269fdb38d702a130c8f1109d7ddce85903566b027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95394
x-xss-protection: 0
server: cafe
etag: 1835831108026274681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 04:29:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210802/r20190131/ Frame A72E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210802/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 04 Aug 2021 05:26:00 GMT
expires: Wed, 18 Aug 2021 05:26:00 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 82980
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
258 B 27ms
27ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au.bfn.today&callback=_gfp_s_&client=ca-pub-0470186311324088

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108040201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0470186311324088&plah=au.bfn.today

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

17bfa93034a5561e22d08205eb0b3e84b907f4d123269e5943b2433364033300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fau.bfn.today%2F&tn=FOOTER&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=au.bfn.today

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.bfn.today

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85C8 9 KB
4 KB 338ms
338ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628137740&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740743&bpp=3&bdt=996&idt=59&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5088455953883&frm=20&pv=2&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b5b2852f95340e2df22a233940c2dfcfc04a0b1154cf11596ca717af073755e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&adk=1812271804&adf=3025194257&lmt=1628137740&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.bfn.today%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740743&bpp=3&bdt=996&idt=59&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5088455953883&frm=20&pv=2&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Aug 2021 04:29:01 GMT
server: cafe
content-length: 4045
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:44:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076391864921"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27992
x-xss-protection: 0
expires: Thu, 05 Aug 2021 04:29:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E18C 436 B
236 B 403ms
403ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740746&bpp=2&bdt=998&idt=81&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nZwtpqmejd&p=https%3A//au.bfn.today&dtd=87

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47edf83fe061769d3be0f89422af8a826556945fe74fd9322ca3e58909fdad61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=2242651231&adk=4104189485&adf=3530750019&pi=t.ma~as.2242651231&w=750&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740746&bpp=2&bdt=998&idt=81&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nZwtpqmejd&p=https%3A//au.bfn.today&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Aug 2021 04:29:01 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:44:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90F7 91 KB
32 KB 549ms
549ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517712796507fbdda677fcd31ff4882ef58c84f0dfb581cc95a1e78764dd7b8c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObzwd2FmfICFT_YEQgdH2wFNg&gqi=DGkLYYCENMWCx_APy6-pIA&layout=/sadbundle/%24csp%253Der3%24/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObzwd2FmfICFT_YEQgdH2wFNg&gqi=DGkLYYCENMWCx_APy6-pIA&layout=/sadbundle/%24csp%253Der3%24/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Aug 2021 04:29:01 GMT
server: cafe
content-length: 32733
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:44:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A429 91 KB
32 KB 953ms
953ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a975f5ae2ecf6949678db10b2ae5692cffa012179e92ec1477fdb9b03c122544

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2yw92FmfICFRoL4AodbxsFwQ&gqi=DGkLYcS-NcmKgAeTqLU4&layout=/sadbundle/%24csp%253Der3%24/12426026085618877317/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP2yw92FmfICFRoL4AodbxsFwQ&gqi=DGkLYcS-NcmKgAeTqLU4&layout=/sadbundle/%24csp%253Der3%24/12426026085618877317/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Aug 2021 04:29:01 GMT
server: cafe
content-length: 32903
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Aug-2021 04:44:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytarkvHYPNJQTVnTa

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 05 Aug 2021 04:29:00 GMT
content-type: text/plain
access-control-allow-origin: https://au.bfn.today
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/ Frame 90F7 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 04:19:07 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 90F7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 03:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 03:36:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90F7 124 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 04:29:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 90F7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 04:25:30 GMT

GET
H3-29 200 KeramikplatteCementoHTML5300x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/ Frame 647A 3 KB
1 KB 8ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccce923ed27e5bd359d19f6c056c4420185f69afb5a59a10d0f2c533e9da2168

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1273
date: Thu, 29 Jul 2021 14:57:56 GMT
expires: Fri, 29 Jul 2022 14:57:56 GMT
last-modified: Thu, 08 Jul 2021 12:10:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 567065
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 90F7 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-relDGkLYea9NL-wx_APn9iVsAOz-u7VY6nT3J3mDdu5_p3XJxABIKPO3hZglQKgAYvN1-cCyAEJqQKmMHtA5tmzPqgDAcgDSKoEvAFP0ODcLy_T9S1LQ4D9GcF0R81NmkYZUXffivR_y_YIJOiXlgUPPTlKpMSZTeSu1L8AqteW9aq8YLdZJt42C2ES2_4HeAFGtBR8R7fRQI-XOgIZohbcTBmJp1uUJow42GFGSyu6i7AhnIIH5RQZAp2Wn-1SX4RnG3u-wqJ56-qu1pjGnbaj5FG6URRyLkbSVzR3aMLh7QV11g-eiAhaXULAlwBvdfmVuj1akc5h823Oo-vq9HwfBEL05yIGrcAEoaLYo8cDoAYugAfdsqiYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDl5wHSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItMDQ3MDE4NjMxMTMyNDA4OA&sigh=jTAe3IdpDcA&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 05 Aug 2021 04:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Aug 2021 04:29:01 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF8F 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 04:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 647A 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 647A 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 12:37:33 GMT

GET
H3-29 200 createjs.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/ Frame 647A 236 KB
63 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/createjs.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 567140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64184
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:10:56 GMT
server: sffe
date: Thu, 29 Jul 2021 14:56:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:56:41 GMT

GET
H3-29 200 KeramikplatteCementoHTML5300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/ Frame 647A 27 KB
7 KB 9ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/KeramikplatteCementoHTML5300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fc31affbdea3f02cb33cfcffb24f7c771145f933c03aa28e6590010a4e3625

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 567140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7577
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:10:56 GMT
server: sffe
date: Thu, 29 Jul 2021 14:56:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:56:41 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlI6ZgEIUYNNvkoVdOX5YX8-jhv-mMdBaMRNwdHf5iJs3aWAwb8qJy1vZv2Iwo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 04:29:01 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 05-Aug-2021 05:29:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 04:29:01 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 90F7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 194e21d64ef85d9c63684a2e9ea48420edeeeec645ab332e316204ddcfa031ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 EHLlogo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/images/ Frame 647A 14 KB
14 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/images/EHLlogo.png?1625745677808

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fa518065c9ef5ea8af8bdd300710c76a2dd0b09a79417a0b5ba035b6a28652

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 567139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14548
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:10:56 GMT
server: sffe
date: Thu, 29 Jul 2021 14:56:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:56:42 GMT

GET
H3-29 200 KeramikCementograu.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/images/ Frame 647A 56 KB
56 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5035074227109560645/Cemento300x250px/images/KeramikCementograu.jpg?1625745677808

Requested by

Host: au.bfn.today
URL: https://au.bfn.today/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20dba49368729dabf4903afdc97bb1b01ac49f998525f433b45e044b8d9c4a23

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 567139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57195
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 12:10:56 GMT
server: sffe
date: Thu, 29 Jul 2021 14:56:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 14:56:42 GMT

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 647A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 15:06:35 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/ Frame 1C30 33 KB
6 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0f6d69482970ced064fa02ad14ace36d3689003a683d5802804dca48aaa7892

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12426026085618877317/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 03 Aug 2021 01:41:23 GMT
expires: Wed, 03 Aug 2022 01:41:23 GMT
last-modified: Wed, 30 Jun 2021 08:35:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6565
age: 182858
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A429 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2pjFDGkLYf38NZqWgAfvtpSIDOC10vZj3-q7oNIOmJL4h7MCEAEgo87eFmCVAqABvfz8nAPIAQmpAsyfsUZO3LM-qAMByANIqgS9AU_Q2LWyvaXr_lXfSqVWN6IYsKxrasmp1JbiZ6BJfHO9oiLf0d0lFwlUEfJow-sxNT_jOn-nK79fMRay7GVnmCUBpBGSQL1gyWadDfUq8JvUw5oqhxmiSxFIF0Wasj3DVqRhysnNynCy1xgM4Ydz1SgViVszmDOsTCG841XzX9e5xXlGFtcm_suORON3VcZ3FPkg63D-T4Ya2iI717UP1wTfeTupPFeSQWjHu74xegE0Hwp0kmeSc7BGrVj-xMAE3fa328gDkgUECAQYAZIFBAgFGASgBi6AB6uDg2OoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ760B0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTA0NzAxODYzMTEzMjQwODg&sigh=VFbR1orIyYM&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 05 Aug 2021 04:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/ Frame A429 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 04:19:07 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame A429 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 04:18:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A429 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 04:29:01 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame A429 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 03:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 03:57:27 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 630F 143 B
163 B 8ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlI6ZgEIUYNNvkoVdOX5YX8-jhv-mMdBaMRNwdHf5iJs3aWAwb8qJy1vZv2Iwo; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 04:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1C30 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31991
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1C30 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 12:37:33 GMT

GET
H3-29 200 f26fdea10cef6ab9d68e407cf7c21487.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/ Frame 1C30 74 KB
19 KB 9ms
7ms Script
application/x-javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/f26fdea10cef6ab9d68e407cf7c21487.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4427a7a29dd9086c912a5c9ae99901585889e2e24f4120a13c69e8c13a49ce88

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 184375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19283
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 08:35:08 GMT
server: sffe
date: Tue, 03 Aug 2021 01:16:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:16:06 GMT

GET
DATA 200
OK truncated
/ Frame A429 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 043ddf75268d5b5c275d35c940ca61de6ca033031c68375b1e450df438854170

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1C30 5 KB
786 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400|Montserrat:800|Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/f26fdea10cef6ab9d68e407cf7c21487.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f829b25f7039fb30d7f5fb65771545d2e938d1c26f3791566e10eea174dabbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 04:12:50 GMT
server: ESF
date: Thu, 05 Aug 2021 04:29:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Aug 2021 04:29:01 GMT

GET
H3-29 200 01088ea71a25692ba2b13472125ca61a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/ Frame 1C30 35 KB
35 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/01088ea71a25692ba2b13472125ca61a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c4a6f1fdcf989c76fed5bf120c2fc18fc902f0db51bcd7a526bf2cef7dd610

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35506
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 08:35:08 GMT
server: sffe
date: Mon, 02 Aug 2021 23:27:52 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:27:52 GMT

GET
H3-29 200 3b749e2a3b687be203005f8ecef7f6fd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/ Frame 1C30 679 B
468 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/3b749e2a3b687be203005f8ecef7f6fd.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52cba504db8540c0ce693d325ae20b20730dbe808cd3f57706d38371c7c19932

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 154706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 08:35:08 GMT
server: sffe
date: Tue, 03 Aug 2021 09:30:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 09:30:35 GMT

GET
H3-29 200 db5f570a11c2c19132aaf376e837f669.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/ Frame 1C30 3 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/media/db5f570a11c2c19132aaf376e837f669.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12426026085618877317/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0fb5e7aee1812174996e6d522c9920704a3c9397d1599000fa9a79070e446d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 162963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 08:35:08 GMT
server: sffe
date: Tue, 03 Aug 2021 07:12:58 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:12:58 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 630F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=1304380904&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740749&bpp=1&bdt=1001&idt=117&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280%2C338x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=631&ady=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=c27K0wftzI&p=https%3A//au.bfn.today&dtd=120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlI6ZgEIUYNNvkoVdOX5YX8-jhv-mMdBaMRNwdHf5iJs3aWAwb8qJy1vZv2Iwo; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 04:29:01 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 05-Aug-2021 05:29:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 04:29:01 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 04:29:01 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1C30 356 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6f8bfaef875088ab0791e9118f7884ddfb82296331ba2b32b5598298c941293

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1C30 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Montserrat:800|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 145740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v16/ Frame 1C30 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v16/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Montserrat:800|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:40:08 GMT
x-content-type-options: nosniff
age: 121733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:19:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 18:40:08 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v16/ Frame 1C30 19 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v16/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400|Montserrat:800|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:40:07 GMT
x-content-type-options: nosniff
age: 121734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:15:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 18:40:07 GMT

GET
DATA 200
OK truncated
/ Frame 1C30 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d867f01ddeb0046fff1579890a34e0f0aca6b83f0380181c8d81ca38429bd43c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 1C30 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38817a74140cf776573a0449151634e3b0d493f406326904cd33fdfe93fddb24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 18ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210802&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad78c009b4595f865ea36b8e3da9c4905d0317d841ff1bf6cbb739716ea4d0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 04:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8707
x-xss-protection: 0

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C30 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 15:06:35 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 04:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 05 Aug 2021 04:29:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9596 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 04 Aug 2021 20:17:15 GMT
expires: Thu, 04 Aug 2022 20:17:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BED1 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a316d4813cd59652f30a338cb029adcf08ec60dd0cc3f073f7b4109916ff1ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ABiMygVic12y6GZ9s7Xeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.bfn.today/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.bfn.today/

Response headers

expires: Thu, 05 Aug 2021 04:29:02 GMT
date: Thu, 05 Aug 2021 04:29:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9ABiMygVic12y6GZ9s7Xeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 9596 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 15:06:35 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210802&jk=939142938655781&bg=!MjGlMXXNAAals0SOpbM7ACkAdvg8WtXNX9fgM0s5RZqMTXAmio1z0bsLREXt6oMTA0pem1j3zZh-JAIAAABrUgAAAAtoAQcKAIBTSUpQxGPSTnFHALc_vgN8T10hzmP0wT92MXnkZG4P0G2SG_1crTm7MNfjUULEW1bvv37zbNBjtTU6WGtquZGfDnLtKpv23drkpZ05NZ55sHr519i_dUAbAvDNoiacd0JLi3HQE1PFaT_0sPRQCerKZPbArj5m5ViRvbyUMuVK1ZkCcjotzR6RTnfjwYvxoEUMoaqt4p_B4gTt9T8dWIQjI1fM5GjijeFt3SxqjHjdHXCDV1Os7nRCnOQ06tM8rmVcOfyTq9HwrBMKirR86DuLVsnPZFyecEh3vhXs2rhCNVU3sQruLCauzafKCM3pHmW0nthX-6ZWjN6QNzqs6BdMU1e3VL9tryCphW_8LSVAeQmZhOXj8CKFR4n_NpEHxODwvsGNaWs_33S0sLrVnbMbjugBB5xU5jKIJfUsF5who3mocSiHLbHTpuhDFKM40oZdra98dArJhHOc87u_1m9Yrw2iBAkwbhgiVy9D-sN5UBjCe1OQisPWTo7xEI9N-TP9zkMYRQD3rrnN9i94ZPWI43r4dzmid2bQQMrTHenyWc6Vmb_rFDq8upG0kQmyqwYwR9-wIHXGSpL4-7DVHHqNeOR4aKBxtKvY2FdzsQ0uYUjz13X00mETkQWnVc4eJTm607tP7VBPMQNIdX4AMBrPcCzstx9opLKycDBrIBsBL_qUGObg_sCX0ltmZiVtW2jrlHpcFRZPmWeXtBVyEiwGobRVDt5hRCDmb51oII3WWkSbgNKZumVd1hj9s46r19yMChEZXtjRMbcFNf2XnRPumv-Vq0T8_Ccj8xOMj6eqmm9lVFmS1bPsOzNt2yeEEh3gkJmLm-Diz6uFDXgCVxar-aPfNC0FLxnET4LrcxJSPSm3A9j5EYF3-0NRjkazQbqQWpvFiYQ4JG8cNsY-HQ7sLZDWbngOMFJlXbW3KHUWXguKVGB5mmPFzCxFStZy4NnsiPix14OdtwBweyP4NjFW9Oe2IkE9-wzqsrObYBuo9WY9nmQ4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 90F7 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcwptDGkLYea9NL-wx_APn9iVsAOz-u7VY6nT3J3mDdu5_p3XJxABIKPO3hZglQKgAYvN1-cCyAEJqQKmMHtA5tmzPqgDAaoEvAFP0ODcLy_T9S1LQ4D9GcF0R81NmkYZUXffivR_y_YIJOiXlgUPPTlKpMSZTeSu1L8AqteW9aq8YLdZJt42C2ES2_4HeAFGtBR8R7fRQI-XOgIZohbcTBmJp1uUJow42GFGSyu6i7AhnIIH5RQZAp2Wn-1SX4RnG3u-wqJ56-qu1pjGnbaj5FG6URRyLkbSVzR3aMLh7QV11g-eiAhaXULAlwBvdfmVuj1akc5h823Oo-vq9HwfBEL05yIGrcAEoaLYo8cDoAYugAfdsqiYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDl5wHSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItMDQ3MDE4NjMxMTMyNDA4OA&sigh=tcoinXwqzL8&vt=1&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0470186311324088&output=html&h=280&slotname=4257322551&adk=3469156498&adf=2849785891&pi=t.ma~as.4257322551&w=338&fwrn=4&fwrnh=100&lmt=1628137740&rafmt=1&psa=0&format=338x280&url=https%3A%2F%2Fau.bfn.today%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628137740748&bpp=1&bdt=1000&idt=93&shv=r20210802&mjsv=m202108040201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=5088455953883&frm=20&pv=1&ga_vid=510175085.1628137740&ga_sid=1628137741&ga_hid=178994937&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066435%2C20211866%2C44748391&oid=3&pvsid=939142938655781&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ldJG0bYb8I&p=https%3A//au.bfn.today&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 05 Aug 2021 04:29:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 90F7 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1l2gOd9iyX0Xo0t2u3GGHOYw1USFxyHNQfbRAuJ9P77DzwP34waPGFkfHieM5TgZSKT2YhVe9HRC19yVr9n-uAnOPGEodTX0wSR2Z8NAGz9gbWdxUQHjST7Ne_Q&sai=AMfl-YQ4w566zBERl943XcwT-twHMZZPJCLbU7x3iLUA9ydqldTlLMrnOsXi6kHTTMlEhGBBH2YayEwlGgPt&sig=Cg0ArKJSzMHwT6OocvzgEAE&id=lidar2&mcvt=1000&p=536,241,816,578&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210804&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3469156498&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628137740848&dlt=551&rpt=60&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=178994937&t=event&_s=2&dl=https%3A%2F%2Fau.bfn.today%2F&ul=en-us&de=UTF-8&dt=BFN%20AU%20%E2%9E%A2%20What%20are%20people%20interested%20right%20now%20in%20Australia%20%E2%9E%A2%20Latest%20news%20in%20real%20time&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NoBounce&ea=Over%2015%20seconds&_u=aEBAAUABAAAAAC~&jid=32132884&gjid=1306940519&cid=510175085.1628137740&tid=UA-135917903-1&_gid=1752489143.1628137740&_r=1&gtm=2ou840&z=1870188181

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.bfn.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 04:29:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.bfn.today
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:15:38	Name: test_cookie Value: CheckForPermission
.bfn.today/	1970-01-20 05:37:13	Name: __gads Value: ID=1d05fab34ffba8e3-223c015694c900f2:T=1628137740:RT=1628137740:S=ALNI_MZGM5esPs0pqRsc_jBiHdSu32bLow
.bfn.today/	1970-01-19 22:25:13	Name: _fbp Value: fb.1.1628137740365.109423522
.bfn.today/	1970-01-19 20:16:49	Name: _ym_isad Value: 2
.bfn.today/	1970-01-20 05:01:13	Name: _ym_d Value: 1628137740
.bfn.today/	1970-01-20 05:01:13	Name: _ym_uid Value: 16281377401012043686
au.bfn.today/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3ac8815262daa871b9cff81407d0b970
.bfn.today/	1970-01-19 20:15:37	Name: _gat_gtag_UA_135917903_1 Value: 1
.bfn.today/	1970-01-19 20:15:39	Name: _ym_visorc Value: w
au.bfn.today/	1970-01-19 20:58:49	Name: ci_session Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222da6f83d7588118f519b1ec8867cf718%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A7%3A%220.0.0.0%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221628137739%22%3B%7Deb7f5f935b914b7ba654ce0763dab140
.bfn.today/	1970-01-19 20:17:04	Name: _gid Value: GA1.2.1752489143.1628137740
.doubleclick.net/	1970-01-19 20:15:41	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:37:13	Name: IDE Value: AHWqTUlI6ZgEIUYNNvkoVdOX5YX8-jhv-mMdBaMRNwdHf5iJs3aWAwb8qJy1vZv2Iwo
.bfn.today/	1970-01-20 13:46:49	Name: _ga Value: GA1.2.510175085.1628137740

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
au.bfn.today
az705044.vo.msecnd.net
cdn.jsdelivr.net
connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
live-production.wcms.abc-cdn.net.au
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
static.addtoany.com
syndication.twitter.com
tpc.googlesyndication.com
use.fontawesome.com
www.devdiscourse.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.200
13.71.123.138
2.18.232.124
216.58.212.162
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:2794
2606:4700:3037::6815:4e07
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a01:4f8:10a:2e93::2
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
80.239.201.61
88.212.201.216
01e112992c9c8e05b9c0c86c6fb48a63017e8f448dad4a55c66e599c24afb3dc
043ddf75268d5b5c275d35c940ca61de6ca033031c68375b1e450df438854170
05e04dfe552ab41f6ae757839640db19b7e75ddd698e1f694eb1ef978ad45153
08be1331828368837d829cfb3874c9a3c513f767e929c7a908bd0ad2316f538a
0c763b2bc141e60e71bb6a1b4368181f5c4f2886c9b9bb40856c44a165f3e795
0db4c24b216c9d565a156d1918b904c540e7773867869dcd1c02fa08c627f399
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14e27b76c786d211d6e93bd62533dfbc500db34291d796436703258ac7c207a9
152d98216f03e242b7e3a04fff301993bc1641f45047bd60ada846310373d6dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17bfa93034a5561e22d08205eb0b3e84b907f4d123269e5943b2433364033300
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194e21d64ef85d9c63684a2e9ea48420edeeeec645ab332e316204ddcfa031ba
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
1b5b2852f95340e2df22a233940c2dfcfc04a0b1154cf11596ca717af073755e
1ed8775217b8604abd66d1952c0fdfe1142e93fcaf8dbbe60619e1ba2fc91ed2
2064d56b4bb858338851fa77654ad7e9cff3086086891ba607b256e723da96c2
20dba49368729dabf4903afdc97bb1b01ac49f998525f433b45e044b8d9c4a23
22ec7e312034b7735a13c7a4f11aaf82fab9f9d4dc4e9b06cb4c20b191da4295
238ac64ec5166170bb4f737214ec939a6de6583cf713b234dc89189e85235235
23fabbf12a75744e81831d0bfe19afa8c0abde9aa18b881e6ded90dd94b4cd91
2466ba854fa1d4de1783d934ab7be07aa293491b3308788092cf0a9fffad5641
2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1
26aa0477481121ebfb540cfdec83142352b5068e45b98bb7563b2b6ae3ee8adf
2988b24317a2d539b101e387e65d3732d9e22c0c84804e974fcf972c2a23823e
2a27a5c3b2c3554687cc386063e64ad7b7eaae09018eecebbaedd325c5c9da5e
2a316d4813cd59652f30a338cb029adcf08ec60dd0cc3f073f7b4109916ff1ac
2b1b02751d746a508ccfbc163c4d5a489196ca21bccc226d5a121db39034e4b5
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
314ba53857ebd5ba7c33e631ca9eb4b88edb98c655ddffae974f8d5fbc8b4eda
34aaf1f9c3b29aaa608bb9853159d7bb587833207a8b2ef32ec9740720d18370
34f6a1822d880608e7124d2ea0e3da4cd9b3a3b3b7d18171b61031cedbe6e72f
35019627aa01510c0713f95985e85eef6633c3d7ac3a3c18db943fc1c323dd13
36603d1caae060bf66b1ce39776f6b08f4c7ae06ec8edcdf816e98e6cc19ada7
38817a74140cf776573a0449151634e3b0d493f406326904cd33fdfe93fddb24
39dce7dce76a22ec89dc8a28bc70916666a7e9fc5f2e54fe72dab955d584adcb
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c78564245638d7bc2dc98b76ac0f8c25ca52f215794b512e457dd3d1f0cbf3d
41d7baf8ed24373755b92ec963767a6b46da0d71671b0a008e7c264c7c0ca265
43b59e48e36163c2370ef7eb16bc52590b74c7929f9f21a5035f8ac573cac7b9
4427a7a29dd9086c912a5c9ae99901585889e2e24f4120a13c69e8c13a49ce88
4582bebc2e153edb91f7dc17790b7edb55c7a5a6457e47acb8a940b473197718
47edf83fe061769d3be0f89422af8a826556945fe74fd9322ca3e58909fdad61
485a3191b9aea1d5aa26da71dfe7f706e3de071bd6292c3c11cca1a7e2fa29e1
4cc402cbfe4f3a7e9a2cfba9b81866a6b46ee9579b6d551fb8e55871891bc891
4f0fb5e7aee1812174996e6d522c9920704a3c9397d1599000fa9a79070e446d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50e01844cb356922d2751fe9c1b6c04d49ef19aea159cb843823f077a5376d8a
517712796507fbdda677fcd31ff4882ef58c84f0dfb581cc95a1e78764dd7b8c
52cba504db8540c0ce693d325ae20b20730dbe808cd3f57706d38371c7c19932
52f84c927f93c7491134d30811a15b25d501951881068c78d886ac41549c996a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
590f4572f26bece4653d7aa7cd6e6e9f9708926b1b369c455e5c74c57b429f13
60deabf4fc435c9659222c5269fdb38d702a130c8f1109d7ddce85903566b027
61df934345c133b0a34b6f53bff0e12db10724b53625974f21bb99e5a51aae84
6b2c347351c3b51bdc6136d1cf11764413ef2fe2529d2d82a3da55c9ceb1cf76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
76b56dc6eb7a344521f48962509b025b277c74a1b031e35e76ed5ec4628670e4
81146c57577354a1f9e098a7387221251c26c6ddd2604712ebaa65d3017d8108
81fa518065c9ef5ea8af8bdd300710c76a2dd0b09a79417a0b5ba035b6a28652
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8f30f9a1e6dc9fa20f73abab7a32bf933d7e8aa11d80fe872d8c1ce042e01347
97c4a6f1fdcf989c76fed5bf120c2fc18fc902f0db51bcd7a526bf2cef7dd610
97d09c37799edf71ef7c57b093b407a71358a92f05bc9fab836f56c0d82db8a5
986c1cdc1621183a0f1c82ba9f28e1625c4650c63cb1715aa82faad5d0f11957
99fae47cfb5ee87c16ced4c717a82bdce966693903e39df5054bd3216f69efb1
9e28afc208c17a10bce095e50ff2ccc1264adb423658dc10678311dc0704a46d
a0879a9e7ceb1babb484b1554eaf3e6741d7c2049fa4fd1ce9939a026aa3123e
a1a72cd21503126ff0e4b3106fb66e5b5d33eaa83a7780da687405f12768031f
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a3b15aefdb6344c9cdebcf37c8d6051cdec6d2447ee40bf2169a3cfe43299a03
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f8bfaef875088ab0791e9118f7884ddfb82296331ba2b32b5598298c941293
a975f5ae2ecf6949678db10b2ae5692cffa012179e92ec1477fdb9b03c122544
ad78c009b4595f865ea36b8e3da9c4905d0317d841ff1bf6cbb739716ea4d0b5
b239fa444a062244fb154dae154e0ab8f00aa4809fade475335b5fd3abe1457c
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8f5171159d3eda62a02342ca90b70efdc34294717a64ce4266a0517354c5893
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c4e898cc0f15486a1729f6fded9d401774c02ffbda819e6b557671b35c254c8f
c66f00240c3f139904c675cd57304a11a7d020bdb061d77fbd81cc92df47caa7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c710d436ff0d2b5ce5afb63dd23a3c4cdad16ef808a2e6ea96f922aa47f6d840
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
c7b5c9b16bae7538bf7b7651dd67ea35b8a06d2124689cc401f70030d070c321
ca8fa10ef95889dc98723dc92b23995c688cc12c49c928fd486e2d1a6f24c8fc
ccce923ed27e5bd359d19f6c056c4420185f69afb5a59a10d0f2c533e9da2168
cdc74a36cc34a04506f1d7358535165d6a107cea07bec1c407d4a91949bbef9f
cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00
d1dd55dddcc3783f05717fd05a1b095ac6c7c58ef9cc770c414967f0c6cea60c
d20ce04cb4a88574b9142b5b6676c88f2344e1db5f101ae05e7fec0ed339af80
d4c64663dd7e1c97002e136886708f8e65349ba24575ef2898da47f34b497e74
d5ec86d35338d9bd70d59280b897b944b724bd3c52a9ef6700bd3d62707b1b65
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d867f01ddeb0046fff1579890a34e0f0aca6b83f0380181c8d81ca38429bd43c
de58b6e5c3781bde166418651ec266bb3514796a66c9da5f564e6dcd2b99d246
e30956db5443e6fae0f2e4df14b2057c68ebfc29653be95fbf46fc8500dc3c0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e9f4e00dc71e02bc39559293b6e91c1f54b63be2745c0b1b3b99c56b1db8f4ad
eb0c630e2d079b12b3396f52f102172f52a0028e54218dd3d20f4c0973dd1824
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6d69482970ced064fa02ad14ace36d3689003a683d5802804dca48aaa7892
f2ec4e93143210272cb132828a0364b16bb89869ea543036ae79c47095b25137
f5f90094f055409da43d1cabac5c88e726a63df72127ca35b90cdebf698cc8eb
f829b25f7039fb30d7f5fb65771545d2e938d1c26f3791566e10eea174dabbcf
f8fc31affbdea3f02cb33cfcffb24f7c771145f933c03aa28e6590010a4e3625
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fa008bc0375ff599d5a494903c009636b9f8d7db73a2688a505306796ffcaed4

au.bfn.today Open in urlscan Pro 2a01:4f8:10a:2e93::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

134 Requests

100 %HTTPS

78 %IPv6

23 Domains

27 Subdomains

28 IPs

5 Countries

3166 kBTransfer

5657 kBSize

14 Cookies

41 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au.bfn.today Open in urlscan Pro
2a01:4f8:10a:2e93::2 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

100 %
HTTPS

78 %
IPv6

23
Domains

27
Subdomains

28
IPs

5
Countries

3166 kB
Transfer

5657 kB
Size

14
Cookies

134 HTTP transactions
5 data transactions