bison-everon.buzz Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=9...
Submission: On January 18 via api (January 18th 2025, 8:04:31 pm UTC) from TR — Scanned from NL

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 60 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bison-everon.buzz.
TLS certificate: Issued by WE1 on December 11th 2024. Valid for: 3 months.

This is the only time bison-everon.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	5.101.109.44 5.101.109.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
60	11

18 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

bison-everon.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 5.101.109.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: fra1.digitaloceanspaces.com

pwamarket.fra1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	digitaloceanspaces.com pwamarket.fra1.digitaloceanspaces.com	6 MB
18	bison-everon.buzz bison-everon.buzz	67 KB
3	gstatic.com fonts.gstatic.com	105 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	211 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	75 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5491	71 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3557	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 301	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 810	31 KB
60	10

	Domain	Requested by
28	pwamarket.fra1.digitaloceanspaces.com	bison-everon.buzz
18	bison-everon.buzz	bison-everon.buzz code.jquery.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	bison-everon.buzz
2	connect.facebook.net	bison-everon.buzz connect.facebook.net
2	cdn.onesignal.com	bison-everon.buzz cdn.onesignal.com
1	fonts.googleapis.com	bison-everon.buzz
1	netdna.bootstrapcdn.com	bison-everon.buzz
1	cdn.jsdelivr.net	bison-everon.buzz
1	code.jquery.com	bison-everon.buzz
60	10

This site contains no links.

Subject Issuer	Validity	Valid
bison-everon.buzz WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
*.onesignal.com WE1	`2024-12-29` - `2025-03-29`	3 months	crt.sh
*.fra1.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-13` - `2025-04-29`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
bootstrapcdn.com WE1	`2025-01-16` - `2025-04-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Frame ID: DCFC940FA30AF5AA19B8F043F9CF771B
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Koç holding yatırım

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

98 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

11
IPs

5
Countries

6053 kB
Transfer

6830 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bison-everon.buzz/ 134 KB
18 KB 94ms
57ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa419e1cdbbd9d24b84bf61b80a31ff8b7e133fb5c3c0bc9e34c98a172b3657

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 90413181c83b65f1-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 18 Jan 2025 20:04:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eiUYBkAOxmqcwqgcTHS%2FPSjfQnm%2BFlsi%2BR%2FPPvlwZXI%2FXIPsbfXc9ILXtFUmbpnlxsk7IbU34U6GhyxgYkMNP8B5Sfay71ViG3DA04Uz%2Bah%2FX82uMN8ft%2F1vkLSRefeHSYH9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15064&min_rtt=14827&rtt_var=3479&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4526&delivery_rate=39318&cwnd=12000&unsent_bytes=0&cid=6195c83865ded376&ts=62&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 pwa.css
bison-everon.buzz/index_files/ 273 B
859 B 35ms
34ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/index_files/pwa.css?v=1
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0669f9592c91d8641bbd403f76e4c9f44caa47ae6b55d77c11b2028a036b15bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"61391114-111"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKGP87ujbTE%2Fj4JoBcY7XiJyk4fCMGi6GRTNa6y5csue3QKXE6HafEOCRqIeAIX5JA6VDQxsE6w9nzaHSFVcfqkQaxVhaJGVpVTSzgl9ZWkm4kv7lZInAGJwi%2FUNfvXUBu09qw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21149&min_rtt=14827&rtt_var=4009&sent=31&recv=22&lost=0&retrans=0&sent_bytes=22730&recv_bytes=8738&delivery_rate=152599&cwnd=22800&unsent_bytes=0&cid=6195c83865ded376&ts=111&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: text/css
last-modified: Wed, 08 Sep 2021 19:37:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318238d265f1-AMS
server: cloudflare

GET
H3 200 style.css
bison-everon.buzz/index_files/ 86 KB
17 KB 40ms
40ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/index_files/style.css?v=16
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba2bcaf6a7c6b03c3cef6fa45956724f407c73c256e23c70a416ae5ee4dd650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"674600aa-1598f"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkKPGolujT8dyiOwIXF2gYPoTgZkPLYN9uwodQnagp7rJdueEaJ7JHf6EXUZu0fT9JRWeVQkhVLGtdB3HqksKkdh%2FeIRqInt7XTVDvJDcLMIeTTJ299I2dznEZJ4hed9OKvm%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21149&min_rtt=14827&rtt_var=4009&sent=34&recv=22&lost=0&retrans=0&sent_bytes=24697&recv_bytes=8738&delivery_rate=152599&cwnd=22800&unsent_bytes=0&cid=6195c83865ded376&ts=116&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: text/css
last-modified: Tue, 26 Nov 2024 17:08:58 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318238d665f1-AMS
server: cloudflare

GET
H3 200 css.css
bison-everon.buzz/index_files/ 586 B
1 KB 36ms
35ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/index_files/css.css?v=2
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a523dab47d048a09afaeefbf499f9d404bb6fbf4af0c7756a087d734ae888007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"61391113-24a"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB4E7r4GjQqibYC6%2Bfw4%2F0l5FanR1KWxSuY%2Fy2MbQUZoqGpAXMIilYz12%2FW2Cd76QT64kW4NUljvWZbmsAnmDokly55pnilUEzn5sminIJVq6huxEScWQKCZgUCpGQkEzDacLA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21149&min_rtt=14827&rtt_var=4009&sent=33&recv=22&lost=0&retrans=0&sent_bytes=23636&recv_bytes=8738&delivery_rate=152599&cwnd=22800&unsent_bytes=0&cid=6195c83865ded376&ts=112&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: text/css
last-modified: Wed, 08 Sep 2021 19:37:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318238d765f1-AMS
server: cloudflare

GET
H3 200 grt-youtube-popup.css
bison-everon.buzz/js/ 1 KB
1 KB 42ms
41ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/js/grt-youtube-popup.css
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e6b91dab5fdcba9bf8a75cb96bf083fc6567f682b30e18165fe0e20e9e1f4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"656619bb-4ff"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEzEg8XDF8FPpoqsXo%2FV0FXTwBzKwMcrfA44E7By9VAj5ZCDcMxjEqDRcZBPhZZUGYAYyiBYPKxTqSnc2Nqna%2BsxgHpleGpas10LhphAiHK19kVyrYuos0NiAv67Oks6c4PV7A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21149&min_rtt=14827&rtt_var=4009&sent=49&recv=22&lost=0&retrans=0&sent_bytes=42409&recv_bytes=8738&delivery_rate=152599&cwnd=22800&unsent_bytes=0&cid=6195c83865ded376&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: text/css
last-modified: Tue, 28 Nov 2023 16:47:55 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318238da65f1-AMS
server: cloudflare

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 56ms
31ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 1606
expires: Tue, 21 Jan 2025 20:04:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 904131834b099726-AMS
server: cloudflare

GET
H2 200 67879b35e8bbd.png
pwamarket.fra1.digitaloceanspaces.com/2025-01-15/ 147 KB
147 KB 138ms
67ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-15/67879b35e8bbd.png

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

805ff2295a2a3310761664192cb9c7c611f36f069aad7107358722a66c9b8123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "6dbec85be46fda76ef6c44928c887b2f"
x-amz-request-id: tx000007e796396ad0ed89f-00678c0942-1289b6b7c-fra1b
accept-ranges: bytes
content-length: 150436
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:18 GMT
last-modified: Wed, 15 Jan 2025 11:25:41 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H3 200 v_g.png
bison-everon.buzz/img/ 8 KB
8 KB 43ms
43ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/img/v_g.png
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70d73820ae3c8186599c6f0e2e204fa3dce93af72f67aefd03e6d99094b03f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "67070885-1eff"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxOag%2BSTo9raRU0ct5GFWNcFL2eb67Dcuk4SFLSD62ZqHAW%2FINpZqXe72xVfglix4xP9hX63RK3WCydDQZhTkTN9%2FwAqSdFlvbkefCSaKnP%2BgJym8TXJTRORtKWom56Ab84ogw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21149&min_rtt=14827&rtt_var=4009&sent=50&recv=22&lost=0&retrans=0&sent_bytes=43530&recv_bytes=8738&delivery_rate=152599&cwnd=22800&unsent_bytes=0&cid=6195c83865ded376&ts=119&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: image/png
last-modified: Wed, 09 Oct 2024 22:49:41 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318238de65f1-AMS
accept-ranges: bytes
content-length: 7935
server: cloudflare

GET
H3 200 choise.png
bison-everon.buzz/index_files/ 218 B
905 B 30ms
30ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/choise.png?v=1
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1510bb842ca08d4529ada5711e0bd4724153439efe49c5ff6f2f8d36c23027

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6139ffea-da"
age: 490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TLQQx9L68nqDehxPO3Zq9rtmLnIVRu%2BIRcmcIObMGdZyhxiKLbJVrtCsPewdlkspj%2FD%2BcdQ4FaUcRHsPfqiTUmm8B7NpUb%2FmA5t%2BGJI%2F%2F1cuRTXDnhA3C%2B%2BRO%2Fp0fRva7yeqg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20826&min_rtt=14827&rtt_var=2645&sent=61&recv=38&lost=0&retrans=0&sent_bytes=52417&recv_bytes=10191&delivery_rate=591156&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:18 GMT
content-type: image/png
last-modified: Thu, 09 Sep 2021 12:36:58 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 90413182992c65f1-AMS
accept-ranges: bytes
content-length: 218
server: cloudflare

GET
H3 200 star-full.png
bison-everon.buzz/index_files/ 176 B
864 B 35ms
34ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/star-full.png?v=2
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6139ffea-b0"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIN5mL9EdKKq53hJV730t54KkaK%2BSTGf4k%2Fga3FaEfm%2FY2XE9kOBLcvnXPnvOZwOJwwWX%2F%2BnwjVDt%2FtWvUrE0cxWWCA39O%2FavLGaMHIfR%2BqPH6c4avhXw8xv%2F6ZbfjuVzCpkOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=63&recv=39&lost=0&retrans=0&sent_bytes=53368&recv_bytes=11008&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=200&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
last-modified: Thu, 09 Sep 2021 12:36:58 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 90413182c96965f1-AMS
accept-ranges: bytes
content-length: 176
server: cloudflare

GET
H3 200 user.png
bison-everon.buzz/index_files/ 148 B
828 B 33ms
29ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/user.png?v=2
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6139ffeb-94"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkpW4YPlvqBSnOf4RuP6dGt1fIBt2uxICrK19o%2B2LL6VK4S4wQRJE3j%2BReftJMX4nnPa5iYMlZF16Jn4SJPV1dCeJpDskQbot2dYPzp6HV%2BvabU%2FhdVS%2FCtjoAysu8auy0vjNg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=70&recv=47&lost=0&retrans=1&sent_bytes=55275&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=258&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
last-modified: Thu, 09 Sep 2021 12:36:59 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329bf65f1-AMS
accept-ranges: bytes
content-length: 148
server: cloudflare

GET
H3 200 load.svg
bison-everon.buzz/ 1 KB
1 KB 41ms
38ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/load.svg?v=1
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ada85fc4e56ffd27456471802c084e2718e3ba4dab684db79fb3cd16639e6ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6150a055-51d"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6PGYS4q8CpI9rAOq%2Bz1QK06j26qIGUJeXNLLlVGqTq%2FbsBax5aQ95avcvk6FlYoYsgM%2B%2BZI%2F2j%2FUCFFS3w30CC2C%2F5rvqNJPwplQHn6qI2%2BYSOSdGOqzbvII%2BNznrE%2FrDaRiA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=85&recv=48&lost=0&retrans=1&sent_bytes=68947&recv_bytes=18049&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=268&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/svg+xml
last-modified: Sun, 26 Sep 2021 16:31:17 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329c165f1-AMS
server: cloudflare

GET
H2 200 67879b3602bc3.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-15/ 859 KB
859 KB 169ms
164ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-15/67879b3602bc3.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

a9e27d8eba1218faddef32d698f93a083f3a26198530394931db9052cd859981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "0bbab557c0c2664abc907a9699e765a5"
x-amz-request-id: tx000002dd8a6e19e065401-00678c0943-1288da040-fra1b
accept-ranges: bytes
content-length: 879406
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Wed, 15 Jan 2025 11:25:42 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 67879b3610950.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-15/ 1 MB
1 MB 1032ms
1027ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-15/67879b3610950.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

befec7379f0d8bbe70c822cf70f7e556f99e080e50728090593bc0f4bbf0c1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "e0ded742a426808e3cc2d285a52b3b9c"
x-amz-request-id: tx000009050e42e9c282083-00678c0943-1288da013-fra1b
accept-ranges: bytes
content-length: 1311173
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Wed, 15 Jan 2025 11:25:42 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 67879b361faff.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-15/ 2 MB
2 MB 1348ms
1344ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-15/67879b361faff.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

87c58108dce6f9bb7ce3862ed1525f48154ee31e3fb89680fdea8f3122097346

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "218f48c032f96aa0339f757a579feec3"
x-amz-request-id: tx000005db3116537ab5e8c-00678c0943-128aca2f0-fra1b
accept-ranges: bytes
content-length: 1996489
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Wed, 15 Jan 2025 11:25:42 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 67879b36302c5.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-15/ 1 MB
1 MB 412ms
408ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-15/67879b36302c5.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

8ae9138b283e4c1610ab6dadf018f8876ceb2ef37e9002970978c3d21b9a4df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "6f8575850ddcb1097951db3901bd9ee0"
x-amz-request-id: tx0000061fab5a59d6ddf15-00678c0943-1288da013-fra1b
accept-ranges: bytes
content-length: 1301421
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Wed, 15 Jan 2025 11:25:42 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H3 200 star-full-big-green.png
bison-everon.buzz/index_files/ 2 KB
3 KB 43ms
40ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/star-full-big-green.png?v=21
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c365eaa619f6335a9690b9cfaa51afec93cc182234527503749ff93b4ee5e94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6273147a-83b"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0AhwwrhTGqQ33zpl5USXHIiTYxLkbu5R1sJygBOY1OWWvIFiQlACxnGBTfg6o2rDi0TLtUytknlcdrrwUAEZAWT0jngkcxBXDnMpBmEO4bqBzYF26vCtUYXiOBUa9JTL0ztxg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=87&recv=48&lost=0&retrans=1&sent_bytes=70226&recv_bytes=18049&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=271&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
last-modified: Thu, 05 May 2022 00:04:10 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329c365f1-AMS
accept-ranges: bytes
content-length: 2107
server: cloudflare

GET
H3 200 star-full-big.png
bison-everon.buzz/index_files/ 259 B
939 B 33ms
30ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/star-full-big.png?v=21
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6139ffea-103"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7KNGJ%2FUu5BPeXxXq3rgLjjgxFFbAOwTaJD2nrU3U0TcEQnwPybE5yk2KkUlgtvhP7oW3h%2FMNAw8IL%2FzLYrWvggi16nRGVS1zfYDCEnYP%2FbL0fQf4kJ0r1U8cMPlz3yIyd5dbA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=73&recv=47&lost=0&retrans=1&sent_bytes=57924&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=259&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
last-modified: Thu, 09 Sep 2021 12:36:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329c565f1-AMS
accept-ranges: bytes
content-length: 259
server: cloudflare

GET
H3 200 user.png
bison-everon.buzz/index_files/ 148 B
828 B 36ms
33ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/user.png?v=1
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cf-cache-status: HIT
etag: "6139ffeb-94"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPyhuZecBhnRphRyLd4WdV9JirqBXFk0TxqK4EBvvdSEHk1Aqo0O6PNd4wdrGGLGk9sfzTNvngDF6%2B9DUFMV2yWfo6L8Flk6pjxj%2BpZfyqjxgjwMxTH5Qsnrsze%2FkpWKu7CANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=81&recv=47&lost=0&retrans=1&sent_bytes=67138&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=260&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
last-modified: Thu, 09 Sep 2021 12:36:59 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329c665f1-AMS
accept-ranges: bytes
content-length: 148
server: cloudflare

GET
H2 200 678a6d079d6cc.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 11 KB
11 KB 104ms
101ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a6d079d6cc.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

33834ee0e379cef6aba9fb76c8f36194d87dc930193fc53de330a2d955065b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "24f4943412991f45aaf3768e1a0cf1e6"
x-amz-request-id: tx0000008dea0027c3bd2f8-00678c0943-1289b6b7c-fra1b
accept-ranges: bytes
content-length: 11212
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 14:45:27 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a6d0791960.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 8 KB
8 KB 105ms
101ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a6d0791960.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

7427c6f35ab3fb782fc17226cf39b11bae9f955e49889e0fdd9318a2789507e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "01db544975bf79bc7fbc74909c3a563a"
x-amz-request-id: tx000002329c6530a90745b-00678c0943-1288da040-fra1b
accept-ranges: bytes
content-length: 7757
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 14:45:27 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a6d0784ea4.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 6 KB
6 KB 106ms
102ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a6d0784ea4.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

cf458f596c607bf313e0573230585fe07d4407f4b43f25d725f2f3aa55e177ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "792b87c70b0b3afa25c1d8c9454e1cdc"
x-amz-request-id: tx000007df5598175baed60-00678c0943-128aca35e-fra1b
accept-ranges: bytes
content-length: 6124
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 14:45:27 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94f0fa6.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 5 KB
5 KB 167ms
163ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94f0fa6.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

886990b83e2e1109929a372cff38601c8e2aa450157066a904ed1e002c0a2424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "22490ff539dbdfbd649b5b7609bc6364"
x-amz-request-id: tx00000087eb956cd7920dd-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 5411
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:17 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94e72e3.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 11 KB
11 KB 103ms
100ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94e72e3.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

bd8f97e57e0a39a0371f14681dfd1e2412b742902a388e2401746478585738e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "e5f25819f7b6dcb6a556f5eb73befeca"
x-amz-request-id: tx000005868996614bceac3-00678c0943-128aca2f0-fra1b
accept-ranges: bytes
content-length: 11062
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94e0ee6.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 8 KB
8 KB 165ms
162ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94e0ee6.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

fa5f8af9fc748230649d7721e7f8e3df4f6fdeed0643b571fed7a5400ff034da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "5e633e4353013bc44eb93de6a6839353"
x-amz-request-id: tx00000674518eb35bb2719-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 7793
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94cd3c8.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 7 KB
7 KB 1945ms
1942ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94cd3c8.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

b19b8bcfd89ede801a909691cd493a6d774851be59ef55fa153d92af9984819c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "f08e124a8f2d56364018d192b2ae69bc"
x-amz-request-id: tx00000fe426d0e7d05c8a1-00678c0943-1288da040-fra1b
accept-ranges: bytes
content-length: 7378
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94b9988.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 11 KB
11 KB 1890ms
1887ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94b9988.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

145eb340c9eced8239386a9c07c3bcb916940be94282efc6e14b5cfee7f0158e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "5be5fcdcd0c1bd360137d3073e8b6c90"
x-amz-request-id: tx000004def25846754fc56-00678c0943-1288da013-fra1b
accept-ranges: bytes
content-length: 10875
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94b278c.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 4 KB
5 KB 2004ms
2001ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94b278c.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

0ce6741bddb996656e41640ca3b4fdc8d64a6175be3910e59359773cd86d469f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "96444123ac9977d154de1a9aaeea2df0"
x-amz-request-id: tx0000092921a7521c7e6b4-00678c0943-1288da013-fra1b
accept-ranges: bytes
content-length: 4552
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94aa56b.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 4 KB
4 KB 2031ms
2028ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94aa56b.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

30adea68c36542ca7d4aed5eb374d95ed0fdb39d0f5578cf862ec87c666c15f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "ca27ea2c2384313ef130d47f00676570"
x-amz-request-id: tx00000fe92a913a2edf30b-00678c0943-128aca35e-fra1b
accept-ranges: bytes
content-length: 3960
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94a0728.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 7 KB
8 KB 1838ms
1836ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94a0728.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

0185f27f583261f6f1dcef9b36b8648d8e1f31d8676beb95bff107dc256ed895

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "817ad0265448abbd3d8aff6ae0179cb7"
x-amz-request-id: tx0000082ffdd61cc413498-00678c0943-1289b6b7c-fra1b
accept-ranges: bytes
content-length: 7627
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e949960c.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 7 KB
7 KB 1946ms
1943ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e949960c.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

b7e7afcbab2b930de9d4a6dbc2dc98ca96c048a9c1f5b91c359ee061a7ac0df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "da9964d309c07fff3a6eae04d0d17312"
x-amz-request-id: tx00000aadcd1c76330769e-00678c0943-128aca35e-fra1b
accept-ranges: bytes
content-length: 6745
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e948ac9d.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 6 KB
7 KB 1809ms
1807ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e948ac9d.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

f28ac63d178208e05f592076f2a1f698d34a22c17d8c4ed25b3e052fcb1f1774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "f3cb0ad47865929832a7ccc6d29c1ad0"
x-amz-request-id: tx000001ec184b36ad89795-00678c0943-128aca2f0-fra1b
accept-ranges: bytes
content-length: 6652
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e9483387.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 8 KB
8 KB 2002ms
2000ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e9483387.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

f68de87ac3309dfb485b3b4cb2e7a01f0ad64c58e145140ac8c9a71f5dffbc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "7f89b2434c19c957704cae72c0de1453"
x-amz-request-id: tx00000325d3847c2bfd3c5-00678c0943-1288da040-fra1b
accept-ranges: bytes
content-length: 8131
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e947bff7.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 11 KB
11 KB 2057ms
2054ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e947bff7.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

574e6736e88a5caa266019532517eb78ae6d4382f7165ebb0bdf675768e2e675

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "5abe9fb345d564238540e9ed171a9d0a"
x-amz-request-id: tx0000060e139574173c3c3-00678c0943-1289b6b7c-fra1b
accept-ranges: bytes
content-length: 10818
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e9474190.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 10 KB
10 KB 1918ms
1916ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e9474190.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

02e8e39c2f1a58488efe8e4a4d6f7a53f83084dbf4af32d423826a021e63067c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "37fbdd3914061e71749261e18299fe4d"
x-amz-request-id: tx00000e2c4ee52d2e4d616-00678c0943-128aca2f0-fra1b
accept-ranges: bytes
content-length: 10120
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e946d38c.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 12 KB
12 KB 2085ms
2083ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e946d38c.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

eb68e5e182c2ea63f5ac7de3ee2ee8c709f8994384c4e62c00f6c802e0ec4319

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "259b87129a38b4f3ac3ec7e3ccc18829"
x-amz-request-id: tx00000e7a509dde9c533ea-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 12186
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e9465104.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 6 KB
6 KB 1808ms
1806ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e9465104.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

26e394612d9e1d10009064cffc7660e5b40a64480d591d705469cb2d11c25241

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "a058e3a9ed793efff9a6113cd4007075"
x-amz-request-id: tx000009b81246388f5da4f-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 5820
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e945ce28.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 6 KB
6 KB 1890ms
1888ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e945ce28.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

0cf8b1b5890ff7a08db203e5dfcc9d2333fe99791004cc878b6429544ac95c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "831461bb4291db40c9518821eec8b7c3"
x-amz-request-id: tx00000ee38e7d87b1a9492-00678c0943-1289b6b7c-fra1b
accept-ranges: bytes
content-length: 6037
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e945364b.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 5 KB
6 KB 1836ms
1835ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e945364b.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

ecf74db24336cff77e4f120efc5abf59e0915f8d7eaf3e390576b65a8b32df85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "afbad365affc80cad57ba8d3479d9c67"
x-amz-request-id: tx00000be118432e7b91fe4-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 5613
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e944b153.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 10 KB
10 KB 1917ms
1915ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e944b153.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

e85d0bbc8ba3c2abacbebc7067303a7876c6a39d0e974d12389af22ccb5d7186

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "dc6df612df1141f6d39c5fea6fc67964"
x-amz-request-id: tx00000115241fa198a53ae-00678c0943-12863ec70-fra1b
accept-ranges: bytes
content-length: 10522
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e943efa4.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 9 KB
9 KB 2057ms
2055ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e943efa4.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

befe3383c3185da1a5964daa9c038d11f31ef73442f190ca315c149e23d6cfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "f0769b6cde99819e9ae803142f78641c"
x-amz-request-id: tx00000155404a9a8ac6d05-00678c0943-1288da013-fra1b
accept-ranges: bytes
content-length: 8790
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 678a3e94c1b5d.jpg
pwamarket.fra1.digitaloceanspaces.com/2025-01-17/ 11 KB
11 KB 2031ms
2029ms Image
application/octet-stream 5.101.109.44
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://pwamarket.fra1.digitaloceanspaces.com/2025-01-17/678a3e94c1b5d.jpg

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.101.109.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

fra1.digitaloceanspaces.com

Software

Resource Hash

da4fafdd489a877cecc106110835a97f4e9daebb5b5abdccb1eb6f865579cbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "5f89d3ec1a3f4cefbbfcbcb622ac6e1f"
x-amz-request-id: tx000005eabb813bcd6d97c-00678c0943-128aca35e-fra1b
accept-ranges: bytes
content-length: 11477
x-rgw-object-type: Normal
date: Sat, 18 Jan 2025 20:04:19 GMT
last-modified: Fri, 17 Jan 2025 11:27:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H3 200 right-arrow.svg
bison-everon.buzz/index_files/ 226 B
883 B 35ms
34ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bison-everon.buzz/index_files/right-arrow.svg
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e83c7215bc8fc58ea06d5e459ee3c3823cb9a556f967326884189f281699e33e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"61391114-e2"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2D1%2Bj5P5aM8yQiwh3DlYmF%2FGqgmitzGWpLMhLbH0sw6SWdgMj%2FX3fUYaCDKa5sDqh9rSfiZPz%2F0cr747a1FzieCgwrTgFfpBIi6hMsitctk4HRT9WdUjFMn%2Bp0zIx%2FFYLVlBOg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=82&recv=47&lost=0&retrans=1&sent_bytes=67989&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=264&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/svg+xml
last-modified: Wed, 08 Sep 2021 19:37:56 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329c765f1-AMS
server: cloudflare

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 76ms
17ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bison-everon.buzz
Referer: https://bison-everon.buzz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 5753950
x-cache: HIT, HIT
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 51, 225960
x-served-by: cache-lga21931-LGA, cache-bru1480025-BRU
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1737230659.096882,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H3 200 main.js Show response
bison-everon.buzz/index_files/ 2 KB
1 KB 51ms
50ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/index_files/main.js?v=5
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe0703fd5c8e34526b66d296ac8709b5eefcdb2e02af16a773ca8214b37a1db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d84fa4-6ca"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKEUrfSGT7%2FfgFPUtyRSX8Y0Bvai%2BRG%2BGj2XGP%2Bzx%2BuC98CNxnQ10MYitZZvy02Dvu0ca7TPR6iHufk1oEpI8qE4m35KYUic7h0TtvGDxTpUZWMLHmzCglFPm%2B1cRBhbBn0z3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19392&min_rtt=14827&rtt_var=1368&sent=90&recv=54&lost=0&retrans=1&sent_bytes=73078&recv_bytes=18313&delivery_rate=155739&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=277&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript
last-modified: Wed, 04 Sep 2024 12:16:36 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318349e865f1-AMS
server: cloudflare

GET
H3 200 ua-parser.min.js Show response
bison-everon.buzz/ 19 KB
8 KB 37ms
35ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/ua-parser.min.js?v=1
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea853709c74898200ed661ba52d5af3c75ecfd4e3459718828a512f08fb1b33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6150766d-4bb5"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WhU5r7gwXy58jktEvD%2FgB0a7okmdlASx9aGTmjZUh%2FnQostYuQjGXpdvSfwkgd5wi%2FpS1PyZXKSeUVcaZXlkCcr87%2Fo7mlWx%2Bk1%2B3vNiCkeHlaaJDu%2B2fxlAXOiG6gWxhnGjw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=74&recv=47&lost=0&retrans=1&sent_bytes=58886&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=259&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript
last-modified: Sun, 26 Sep 2021 13:32:29 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329bd65f1-AMS
server: cloudflare

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/ 2 KB
2 KB 78ms
31ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/js.cookie.min.js

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"691-nsW9ygnrEUkpEGcvy0hZTQTrY68"
age: 1879584
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WgTWBAKmfXg%2BYd3ckem24T0Jdtvhxeu8uOzZ1yJvN8g%2BVucIaLEL5wb3qam6ectg3EtaJp9TBV8nmAnGToV1C1K5cUz7IWuwjUlydj1Qbtem%2BVaMr6KPGPY5%2Fhq5KEUGXyQf3Il3yvv6eVGnNA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230092-FRA, cache-lga21929-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 904131836c860bbc-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 841
server: cloudflare
x-jsd-version: 3.0.1

GET
H3 200 grt_v2.js Show response
bison-everon.buzz/js/ 3 KB
2 KB 34ms
32ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/js/grt_v2.js
Requested by: Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63395bd7041ecb472847123b22974675644a4dfb5c4fe36ec1f9485c93e0de15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"669fb78f-ccc"
age: 491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB6uM1EQV6sVO5E8tKlzlnG8HZGtMvdE1ziUw%2BHMGCaCoK%2FNZBRW73mJP0VFSsWsk%2BHjRSpm%2BYNGr%2BsoCXrCPgojOunIvv3eLngPcvjW7%2Fh%2B%2BSAUha5oc38S1mtHYb3zms3KiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20424&min_rtt=14827&rtt_var=2787&sent=71&recv=47&lost=0&retrans=1&sent_bytes=56126&recv_bytes=17299&delivery_rate=27273&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=258&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 14:00:47 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9041318329be65f1-AMS
server: cloudflare

GET
H3 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 59ms
29ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/index_files/style.css?v=16

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "bbfef9385083d307ad2692c0cf99f611"
age: 2140284
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 18 Jan 2025 20:04:18 GMT
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/26/2024 12:21:36
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 465a002681566a6f89d0599242e7fc27
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 90413182afe8b90f-AMS
access-control-allow-origin: *
cdn-edgestorageid: 1002
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 css2
fonts.googleapis.com/ 66 KB
3 KB 97ms
63ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/index_files/style.css?v=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e10df21374bf29431a4189a853d94cfa2ddaba4e89e8dff3b823f94b10e5d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 18 Jan 2025 20:04:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 18 Jan 2025 18:27:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 240 KB
61 KB 54ms
26ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3pFf7XM4' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3pFf7XM4' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4485, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: mMA6Z1cArfkiRP/R5nVpv4ho68KIHJeqJ6s221jW5gV1/gCO5i00cRd7ats4yKQuj0K1mSWqFryNxFIlN+X1ig==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62391
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f497ed4562ab6c6ff653368793bc430394ae4bf47f5aaef56575f5bd675c65d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 58ms
25ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bison-everon.buzz
Referer: https://fonts.googleapis.com/

Response headers

age: 373054
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 12:26:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 12:26:45 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 40 KB
40 KB 83ms
51ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

d758e85352971dffe51a5992405eb8f9b316b1bed82495445c328699ee400830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bison-everon.buzz
Referer: https://fonts.googleapis.com/

Response headers

age: 373103
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 12:25:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 12:25:56 GMT
last-modified: Wed, 08 Jan 2025 18:23:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40572
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 26 KB
26 KB 70ms
37ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bison-everon.buzz
Referer: https://fonts.googleapis.com/

Response headers

age: 371958
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 14 Jan 2026 12:45:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 12:45:01 GMT
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26428
x-xss-protection: 0
server: sffe

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 40ms
40ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 515
expires: Tue, 21 Jan 2025 20:04:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: OneSignal-Subscription-Id
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
via: 1.1 google
cf-ray: 904131838b509726-AMS
server: cloudflare

GET
H3 200 ua.php Show response
bison-everon.buzz/ 18 B
748 B 53ms
53ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/ua.php?type=installer&action=store&device=Chrome&utm_source=null&utm_medium=null&utm_campaign=null&utm_term=null&utm_content=null
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d3d5c65b528a06eeb77c80c61ed597a9bad2e19d6cbf05ab2328cd37c92071

Request headers

Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9IB%2FcpblAaLPLb0gg8TYnmRov%2BGen030E%2BTKPkGBwyhk7dUlSPGxXGoH%2FlYuhdu7qFJ1UhQeaacn981vSQuGILrrTJ4R%2FzLT4VcO105vb0h4UWeKQhgPhchFWJwvdUBvsAh6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 90413183aa2f65f1-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18284&min_rtt=14827&rtt_var=2448&sent=96&recv=62&lost=0&retrans=1&sent_bytes=75631&recv_bytes=20258&delivery_rate=38844&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=361&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 948257907199662 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 72ms
72ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/948257907199662?v=2.9.180&r=stable&domain=bison-everon.buzz&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

072583931ff1bee8338f45373e1db8da506bef116fd64aa83231a744cf1af270

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-TiWOB1GH' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-TiWOB1GH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=77, mss=1232, tbw=70659, tp=66, tpl=0, uplat=43, ullat=0
pragma: public
x-fb-debug: 8QNQ4tC7tp/5Ryfol1f/ZmWaSi3c5kefdoLxmKJMgvFRJtwo6jBX6WVuC/S3BNFuQG+/oHggj1QKOdUJQX7ctQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 60ms
25ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=948257907199662&ev=PageView&dl=https%3A%2F%2Fbison-everon.buzz%2F%3Fad_campaign_id%3D%257B%257Bcampaign.id%257D%257D%26source%3DFB%26user_id%3D17%26landing_name%3DKoc%26fb_dynamic_pixel%3D948257907199662&rl=&if=false&ts=1737230659234&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=12318&fbp=fb.1.1737230659234.186774066229501685&ler=empty&cdl=API_unavailable&it=1737230659147&coo=false&rqm=GET

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4534, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 185ms
150ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=948257907199662&ev=PageView&dl=https%3A%2F%2Fbison-everon.buzz%2F%3Fad_campaign_id%3D%257B%257Bcampaign.id%257D%257D%26source%3DFB%26user_id%3D17%26landing_name%3DKoc%26fb_dynamic_pixel%3D948257907199662&rl=&if=false&ts=1737230659234&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=12318&fbp=fb.1.1737230659234.186774066229501685&ler=empty&cdl=API_unavailable&it=1737230659147&coo=false&rqm=FGET

Requested by

Host: bison-everon.buzz
URL: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7461348867988208579"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 18 Jan 2025 20:04:19 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: V7x2O0hijI+otmddEGa738DOfg6J0SL72t4O5A4jCwrCJmrdJkD7a4TVbD6+Be1p0iMXgUrCuJpNxBo1zKj2Ug==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7461348867988208579", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4902, tp=13, tpl=0, uplat=124, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 404 favicon.ico
bison-everon.buzz/ 16 B
0 70ms
70ms Other
text/html

General

Check archive.org

Download Go to

Full URL: https://bison-everon.buzz/favicon.ico
Protocol: H3
Server: -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bison-everon.buzz/?ad_campaign_id=%7B%7Bcampaign.id%7D%7D&source=FB&user_id=17&landing_name=Koc&fb_dynamic_pixel=948257907199662

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlahfvsDDX5bwH%2Fk4%2BLQdyXt1XBvhOXjCxRiG%2FtGBTCkfsjbXau4pyFT%2B%2BbtAE3x%2F2nAygPEVoC74BhLNelycqGMFCHJ6gv8cQQyV8q%2FQJkuHo8CHxdLOOc5LqBAWaH2juSsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 904131c90f5165f1-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18359&min_rtt=14827&rtt_var=1984&sent=98&recv=64&lost=0&retrans=1&sent_bytes=76428&recv_bytes=21140&delivery_rate=17593&cwnd=42000&unsent_bytes=0&cid=6195c83865ded376&ts=11480&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 18 Jan 2025 20:04:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bison-everon.buzz/	1970-01-21 02:35:38	Name: pixel Value: 948257907199662
bison-everon.buzz/	1970-01-21 02:35:38	Name: url Value: https%3A%2F%2Fbison-everon.buzz%2F%3Fad_campaign_id%3D%257B%257Bcampaign.id%257D%257D%26source%3DFB%26user_id%3D17%26landing_name%3DKoc%26fb_dynamic_pixel%3D948257907199662
bison-everon.buzz/	1970-01-21 02:35:38	Name: v_params Value: %7B%22ad_campaign_id%22%3A%22%7B%7Bcampaign.id%7D%7D%22%2C%22source%22%3A%22FB%22%2C%22user_id%22%3A%2217%22%2C%22landing_name%22%3A%22Koc%22%2C%22fb_dynamic_pixel%22%3A%22948257907199662%22%7D
.bison-everon.buzz/	1970-01-21 11:19:26	Name: googtrans Value: %2Fru%2Ftr
bison-everon.buzz/	1970-01-21 03:27:50	Name: onesignal_id Value: 678c0942d5bd95.15525534
bison-everon.buzz/	1970-01-21 03:17:02	Name: genuie Value: 1
.onesignal.com/	1970-01-21 02:33:52	Name: __cf_bm Value: M003EHhJl2t2.zavy9Xbbl8bZ1OKCuzmk8ZzU1DwyGU-1737230659-1.0.1.1-xnCyZUehjC95wE9dsZtwumVlnHbJnfgTz0Hae5gIIjyqUEajaNdPVbSxU9ZFVyys1B0ZTU0o7P_a3XkhMjPi7Q
bison-everon.buzz/	1970-01-21 02:55:26	Name: tracking_id Value: 1050079103
.bison-everon.buzz/	1970-01-21 04:43:26	Name: _fbp Value: fb.1.1737230659234.186774066229501685

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bison-everon.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bison-everon.buzz
cdn.jsdelivr.net
cdn.onesignal.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
netdna.bootstrapcdn.com
pwamarket.fra1.digitaloceanspaces.com
www.facebook.com
104.17.111.223
104.18.11.207
142.250.185.99
157.240.0.35
157.240.252.13
188.114.97.3
2606:4700::6812:bb1f
2a00:1450:400e:800::200a
2a04:4e42:400::649
5.101.109.44
0185f27f583261f6f1dcef9b36b8648d8e1f31d8676beb95bff107dc256ed895
02e8e39c2f1a58488efe8e4a4d6f7a53f83084dbf4af32d423826a021e63067c
0669f9592c91d8641bbd403f76e4c9f44caa47ae6b55d77c11b2028a036b15bb
072583931ff1bee8338f45373e1db8da506bef116fd64aa83231a744cf1af270
0ce6741bddb996656e41640ca3b4fdc8d64a6175be3910e59359773cd86d469f
0cf8b1b5890ff7a08db203e5dfcc9d2333fe99791004cc878b6429544ac95c88
0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5
145eb340c9eced8239386a9c07c3bcb916940be94282efc6e14b5cfee7f0158e
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
26e394612d9e1d10009064cffc7660e5b40a64480d591d705469cb2d11c25241
30adea68c36542ca7d4aed5eb374d95ed0fdb39d0f5578cf862ec87c666c15f5
33834ee0e379cef6aba9fb76c8f36194d87dc930193fc53de330a2d955065b01
38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5
3d1510bb842ca08d4529ada5711e0bd4724153439efe49c5ff6f2f8d36c23027
46d3d5c65b528a06eeb77c80c61ed597a9bad2e19d6cbf05ab2328cd37c92071
47e6b91dab5fdcba9bf8a75cb96bf083fc6567f682b30e18165fe0e20e9e1f4a
4e10df21374bf29431a4189a853d94cfa2ddaba4e89e8dff3b823f94b10e5d95
574e6736e88a5caa266019532517eb78ae6d4382f7165ebb0bdf675768e2e675
5c365eaa619f6335a9690b9cfaa51afec93cc182234527503749ff93b4ee5e94
63395bd7041ecb472847123b22974675644a4dfb5c4fe36ec1f9485c93e0de15
7427c6f35ab3fb782fc17226cf39b11bae9f955e49889e0fdd9318a2789507e4
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
7aa419e1cdbbd9d24b84bf61b80a31ff8b7e133fb5c3c0bc9e34c98a172b3657
805ff2295a2a3310761664192cb9c7c611f36f069aad7107358722a66c9b8123
87c58108dce6f9bb7ce3862ed1525f48154ee31e3fb89680fdea8f3122097346
884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7
886990b83e2e1109929a372cff38601c8e2aa450157066a904ed1e002c0a2424
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
8ae9138b283e4c1610ab6dadf018f8876ceb2ef37e9002970978c3d21b9a4df2
8fe0703fd5c8e34526b66d296ac8709b5eefcdb2e02af16a773ca8214b37a1db
9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0
9ada85fc4e56ffd27456471802c084e2718e3ba4dab684db79fb3cd16639e6ed
a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef
a523dab47d048a09afaeefbf499f9d404bb6fbf4af0c7756a087d734ae888007
a9e27d8eba1218faddef32d698f93a083f3a26198530394931db9052cd859981
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aea853709c74898200ed661ba52d5af3c75ecfd4e3459718828a512f08fb1b33
b19b8bcfd89ede801a909691cd493a6d774851be59ef55fa153d92af9984819c
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b7e7afcbab2b930de9d4a6dbc2dc98ca96c048a9c1f5b91c359ee061a7ac0df9
bd8f97e57e0a39a0371f14681dfd1e2412b742902a388e2401746478585738e3
befe3383c3185da1a5964daa9c038d11f31ef73442f190ca315c149e23d6cfe5
befec7379f0d8bbe70c822cf70f7e556f99e080e50728090593bc0f4bbf0c1a8
c70d73820ae3c8186599c6f0e2e204fa3dce93af72f67aefd03e6d99094b03f8
cba2bcaf6a7c6b03c3cef6fa45956724f407c73c256e23c70a416ae5ee4dd650
cf458f596c607bf313e0573230585fe07d4407f4b43f25d725f2f3aa55e177ac
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d758e85352971dffe51a5992405eb8f9b316b1bed82495445c328699ee400830
da4fafdd489a877cecc106110835a97f4e9daebb5b5abdccb1eb6f865579cbf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83c7215bc8fc58ea06d5e459ee3c3823cb9a556f967326884189f281699e33e
e85d0bbc8ba3c2abacbebc7067303a7876c6a39d0e974d12389af22ccb5d7186
eb68e5e182c2ea63f5ac7de3ee2ee8c709f8994384c4e62c00f6c802e0ec4319
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ecf74db24336cff77e4f120efc5abf59e0915f8d7eaf3e390576b65a8b32df85
f28ac63d178208e05f592076f2a1f698d34a22c17d8c4ed25b3e052fcb1f1774
f497ed4562ab6c6ff653368793bc430394ae4bf47f5aaef56575f5bd675c65d6
f68de87ac3309dfb485b3b4cb2e7a01f0ad64c58e145140ac8c9a71f5dffbc5f
fa5f8af9fc748230649d7721e7f8e3df4f6fdeed0643b571fed7a5400ff034da
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

bison-everon.buzz Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

30 %IPv6

10 Domains

10 Subdomains

11 IPs

5 Countries

6053 kBTransfer

6830 kBSize

9 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bison-everon.buzz Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

11
IPs

5
Countries

6053 kB
Transfer

6830 kB
Size

9
Cookies

60 HTTP transactions
1 data transactions