bio.to Open in urlscan Pro
34.240.121.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.convertkit-mail3.com/wvu0ld5qpotgh5vemkxi7/m2h7h5holk694vim/aHR0cHM6Ly9iaW8udG8vMjhqdW4=
Effective URL:
https://bio.to/28jun
Submission: On December 05 via manual (December 5th 2022, 8:56:17 am UTC) from RS — Scanned from DE

Summary HTTP 19 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 34.240.121.52, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is bio.to.
TLS certificate: Issued by Amazon on April 18th 2022. Valid for: a year.

This is the only time bio.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.141.235.236 3.141.235.236	16509 (AMAZON-02) (AMAZON-02)
2	34.240.121.52 34.240.121.52	16509 (AMAZON-02) (AMAZON-02)
4	52.222.236.112 52.222.236.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	52.85.49.22 52.85.49.22	16509 (AMAZON-02) (AMAZON-02)
5 5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
19	8

1 3.141.235.236 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: el2.convertkit-mail3.com

click.convertkit-mail3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.121.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-121-52.eu-west-1.compute.amazonaws.com

bio.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-112.fra56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.49.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-49-22.hel50.r.cloudfront.net

linkstorage.linkfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gstatic.com t0.gstatic.com t2.gstatic.com t3.gstatic.com fonts.gstatic.com	84 KB
5	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 2	1017 B
4	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 113179	682 KB
2	linkfire.com linkstorage.linkfire.com — Cisco Umbrella Rank: 127760	42 KB
2	bio.to bio.to	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	1 KB
1	convertkit-mail3.com 1 redirects click.convertkit-mail3.com — Cisco Umbrella Rank: 513655	517 B
19	7

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	5 redirects
4	static.assetlab.io	bio.to static.assetlab.io
3	t0.gstatic.com	bio.to
2	linkstorage.linkfire.com	bio.to
2	bio.to	bio.to
1	t3.gstatic.com	bio.to
1	t2.gstatic.com	bio.to
1	fonts.googleapis.com	bio.to
1	click.convertkit-mail3.com	1 redirects
19	10

This site contains links to these domains. Also see Links.

Domain
28jun.org
www.paypal.com
www.facebook.com
validation.cafamerica.org
shop.28jun.org

Subject Issuer	Validity	Valid
*.bio.to Amazon	`2022-04-18` - `2023-05-17`	a year	crt.sh
static.assetlab.io Amazon	`2022-10-20` - `2023-11-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
linkfire.com Amazon	`2022-03-29` - `2023-04-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bio.to/28jun
Frame ID: 1B76ACDA8911FC4BCDDA9255932F6C3A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

28. Jun

Page URL History Show full URLs

https://click.convertkit-mail3.com/wvu0ld5qpotgh5vemkxi7/m2h7h5holk694vim/aHR0cHM6Ly9iaW8udG8vMjhqdW4= HTTP 302
https://bio.to/28jun Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

74 %
HTTPS

56 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

840 kB
Transfer

1605 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://28jun.org/donate
Title: DONATE HERE ❤️

Search URL Search Domain Scan URL

URL: https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ
Title: PayPal paypal.com

Search URL Search Domain Scan URL

URL: https://28jun.org/donate/
Title: Credit Card 28jun.org

Search URL Search Domain Scan URL

URL: https://www.facebook.com/28jun/fundraisers
Title: Facebook Fundraisers facebook.com

Search URL Search Domain Scan URL

URL: https://validation.cafamerica.org/bde16ded-ab87-475a-bc2e-747600df0764
Title: Transparency validation.cafamerica.org

Search URL Search Domain Scan URL

URL: https://shop.28jun.org/
Title: Shop shop.28jun.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.convertkit-mail3.com/wvu0ld5qpotgh5vemkxi7/m2h7h5holk694vim/aHR0cHM6Ly9iaW8udG8vMjhqdW4= HTTP 302
https://bio.to/28jun Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.google.com/s2/favicons?domain=www.paypal.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.paypal.com&size=16

Request Chain 10

https://www.google.com/s2/favicons?domain=28jun.org HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://28jun.org&size=16

Request Chain 11

https://www.google.com/s2/favicons?domain=www.facebook.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16

Request Chain 12

https://www.google.com/s2/favicons?domain=validation.cafamerica.org HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://validation.cafamerica.org&size=16

Request Chain 13

https://www.google.com/s2/favicons?domain=shop.28jun.org HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://shop.28jun.org&size=16

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 28jun Show response
bio.to/
Redirect Chain

https://click.convertkit-mail3.com/wvu0ld5qpotgh5vemkxi7/m2h7h5holk694vim/aHR0cHM6Ly9iaW8udG8vMjhqdW4=
https://bio.to/28jun

30 KB
30 KB

349ms
224ms

Document
text/html

34.240.121.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bio.to/28jun
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.121.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-121-52.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a1efc4e95231d97ab979c17291b98e24d8ef2f364bf7a5c5938703fecb20cf10

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 08:56:12 GMT
server: nginx
x-redirector-version: redirector-v3

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 08:56:11 GMT
Location: https://bio.to/28jun
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 92c18376-d390-41c4-b006-6cd32e51583f
X-Runtime: 0.013708
X-XSS-Protection: 1; mode=block

GET
H2 200 biolink.css
static.assetlab.io/red3/489/ 59 KB
34 KB 142ms
44ms Stylesheet
text/css 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/489/biolink.css
Requested by: Host: bio.to
URL: https://bio.to/28jun
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a06ecb3d8849a889b4daf5c0178f57ef9de8e91bcf359737425ebda87099312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 8C24y3DqhnebrszfHowdc_IGk6toC4pz
content-encoding: gzip
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
date: Sun, 04 Dec 2022 11:27:43 GMT
last-modified: Mon, 28 Nov 2022 10:40:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 83196
x-amz-server-side-encryption: AES256
etag: W/"61167a6c7a74738285a7693ebda00650"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: J090MDQTJ2YXUdIwaY_GxmdUJ1nV5K9L1soPaPu5kdUdAdzwuYiO8A==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 128ms
47ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6524c350a290de87263e5f0c449fb7871e6aaa61a308540f42a8d16edb29945b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 08:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 08:31:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 08:56:12 GMT

GET
H2 200 biolink.js Show response
static.assetlab.io/red3/489/ 1 MB
626 KB 170ms
73ms Script
application/javascript 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/red3/489/biolink.js
Requested by: Host: bio.to
URL: https://bio.to/28jun
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e5f92dc304ca30ac63add4cebca209b257b4a781cd1ebae528a3326a8e0ec1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: W6.fJuQCDIQuFCbemZZarjUp3LoWB0ly
content-encoding: gzip
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
date: Sun, 04 Dec 2022 09:18:39 GMT
last-modified: Mon, 28 Nov 2022 10:40:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 85054
x-amz-server-side-encryption: AES256
etag: W/"55ca7feddd5ccf1ad06bdc57c20902f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hG_xAU21W1hCW-vcd_s_AUP19nt4HeJq8dLMJNnT6aojGw7d2jtjIQ==

GET
H2 200 consent.js Show response
static.assetlab.io/consent/1.5.15/ 53 KB
17 KB 193ms
193ms Script
application/javascript 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.js
Requested by: Host: bio.to
URL: https://bio.to/28jun
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: G2bubUOnP1lz17CgMSXE1IK5HdcOok6P
content-encoding: gzip
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
date: Sun, 04 Dec 2022 09:15:53 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 85220
x-amz-server-side-encryption: AES256
etag: W/"f71041de856bdbd4558fdaa65aeaf30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sO46lwqJsVLvadcYZyhebc3y9qAffe-Sf8BGUM4PhM315VBYVHc30Q==

POST
H2 200 / Show response
bio.to/~/tr/pageview/ 70 B
186 B 110ms
109ms XHR
application/json 34.240.121.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bio.to/~/tr/pageview/
Requested by: Host: bio.to
URL: https://bio.to/28jun
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.121.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-121-52.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9bb89ddefc92c78b65b2513ebb084b771726b0d9ad03144df90df79db6036658

Request headers

Referer: https://bio.to/28jun
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-redirector-version: redirector-v3
server: nginx
content-type: application/json; charset=UTF-8

GET
H2 200 artwork-440x440.jpg
linkstorage.linkfire.com/medialinks/images/37f770ec-bc3c-46a3-a533-4850c5e1898c/ 33 KB
33 KB 226ms
69ms Image
image/jpeg 52.85.49.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/37f770ec-bc3c-46a3-a533-4850c5e1898c/artwork-440x440.jpg

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.49.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-49-22.hel50.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

eab87e0c7b3532e02bf6cc1fa87a16c3a331d138b583299a7e7478e0e6d6f3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 09:26:19 GMT
strict-transport-security: max-age=10368000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
age: 84594
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 33506
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 01 Dec 2022 21:33:29 GMT
server: The Great Gig In The Sky
etag: "869aa1adbd42eeb6b375eabd1a0ac7fe"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: 1ADSuFqlz8kk2C902W7mtJQN5oRgd5xrUPDLKLbvjBHNidZVsPM_dg==

GET
DATA 200
OK truncated
/ 670 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e92ad0b85e62c4b3258390a3b5f95d1da9e15e7356e348a2d7ab23652e4b63a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 artwork-190x190.jpg
linkstorage.linkfire.com/medialinks/images/90e08094-ecd2-4a7b-9b60-b0ee479135e5/ 8 KB
9 KB 218ms
63ms Image
image/jpeg 52.85.49.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkstorage.linkfire.com/medialinks/images/90e08094-ecd2-4a7b-9b60-b0ee479135e5/artwork-190x190.jpg

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.49.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-49-22.hel50.r.cloudfront.net

Software

The Great Gig In The Sky / Master of Puppets

Resource Hash

eeb61a4acfca210aeaa064a5798bda26885940c00e3f44e300ac4dfaa5495a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10368000; includeSubdomains; preload
date: Sun, 04 Dec 2022 09:26:19 GMT
x-content-type-options: nosniff
via: 1.1 c0ee6c90b748e4d13d8e8a1cad2d9426.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
age: 84594
x-powered-by: Master of Puppets
x-cache: Hit from cloudfront
content-length: 8155
x-xss-protection: 1; mode=block
x-linkfire-security: security@linkfire.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Nov 2021 10:01:54 GMT
server: The Great Gig In The Sky
etag: "4ef3362049f49bbfb09b39d9be3731c2"
expect-ct: max-age=0
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: h-_yCXwcgl5e6ef-nxslj_yUkmpZJThrSRmGdC4XgrVoZYXV89nJIQ==

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977807492121faa589fbb4d39e2444e320f697b4d2e88d4f243c03d344a71b01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.paypal.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.paypal.com&size=16

321 B
967 B

147ms
37ms

Image
image/png

2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.paypal.com&size=16

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa0f5699802d679c320492033d1cb3aa3e87c3ab636866bc6d7885bd0b411e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 04:08:33 GMT
x-content-type-options: nosniff
age: 190059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 321
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.paypalobjects.com/webstatic/icon/pp32.png
expires: Sat, 10 Dec 2022 04:08:33 GMT

Redirect headers

date: Mon, 05 Dec 2022 08:28:01 GMT
x-content-type-options: nosniff
server: sffe
age: 1691
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.paypal.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:58:01 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=28jun.org
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://28jun.org&size=16

505 B
1 KB

156ms
51ms

Image
image/png

2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://28jun.org&size=16

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b590da37fcbf83a229b0381716043e528dfc75c947f5fe7a3094739926b06e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 02:40:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://28jun.org/wp-content/uploads/2022/02/cropped-28jun-logo-icon-1-32x32.png
expires: Mon, 12 Dec 2022 08:56:12 GMT

Redirect headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://28jun.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:26:12 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=www.facebook.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16

404 B
563 B

147ms
38ms

Image
image/png

2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:45:48 GMT
x-content-type-options: nosniff
age: 241824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 404
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 14:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
expires: Fri, 09 Dec 2022 13:45:48 GMT

Redirect headers

date: Mon, 05 Dec 2022 08:29:34 GMT
x-content-type-options: nosniff
server: sffe
age: 1598
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Mon, 05 Dec 2022 08:59:34 GMT

GET
H2

404

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=validation.cafamerica.org
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://validation.cafamerica.org&size=16

726 B
790 B

148ms
45ms

Image
image/png

2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://validation.cafamerica.org&size=16

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://validation.cafamerica.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:26:12 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=shop.28jun.org
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://shop.28jun.org&size=16

426 B
1 KB

135ms
38ms

Image
image/png

2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://shop.28jun.org&size=16

Requested by

Host: bio.to
URL: https://bio.to/28jun

Protocol

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abd3d8341ba83929d5822eb57790302c2b5170ec5dece0bb050addb847666ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 12:59:40 GMT
x-content-type-options: nosniff
age: 71792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 12:53:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cdn.shopify.com/s/files/1/0142/5627/5514/files/serbian-flag-28-jun-icon_32x32.png?v=1629556179
expires: Sun, 11 Dec 2022 12:59:40 GMT

Redirect headers

date: Mon, 05 Dec 2022 08:56:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://shop.28jun.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Mon, 05 Dec 2022 09:26:12 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
19 KB 127ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bio.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:09:52 GMT
x-content-type-options: nosniff
age: 481580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:09:52 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
18 KB 141ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bio.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 03:39:48 GMT
x-content-type-options: nosniff
age: 364584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:39:48 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 18 KB
18 KB 183ms
97ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bio.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 17:35:30 GMT
x-content-type-options: nosniff
age: 228042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:30 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 15 KB
15 KB 167ms
85ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f23485df5ed4dce8e85e2305d3c2e58fd19ba87d36a3dc893cc75f33864566a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bio.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 21:26:30 GMT
x-content-type-options: nosniff
age: 473382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15060
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:12:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 21:26:30 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdXeFb5N.woff2
fonts.gstatic.com/s/ibmplexsans/v14/ 10 KB
10 KB 191ms
109ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v14/zYXgKVElMYYaJe8bpLHnCwDKhdXeFb5N.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a0b950cebebc50ccabfb8a46c12345218a551ef91d1bffca17810477a31ac02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bio.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 08:51:08 GMT
x-content-type-options: nosniff
age: 518704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10216
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 08:51:08 GMT

GET
H2 200 consent.css
static.assetlab.io/consent/1.5.15/ 23 KB
4 KB 37ms
37ms Stylesheet
text/css 52.222.236.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/consent/1.5.15/consent.css
Requested by: Host: static.assetlab.io
URL: https://static.assetlab.io/consent/1.5.15/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bio.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: ZztqAdLKuuTcx96RVIbPdB_CAI0ozWZx
content-encoding: gzip
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
date: Sun, 04 Dec 2022 14:33:07 GMT
last-modified: Wed, 22 Jun 2022 14:15:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 66185
x-amz-server-side-encryption: AES256
etag: W/"df42cc979f3e0534af60d4cf312c4ff1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: R2lsuCzKussx07QxR8RGXjVfi0XfDHEeNJXvm4YJocdmrFTImxPsyg==

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://validation.cafamerica.org&size=16 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bio.to
click.convertkit-mail3.com
fonts.googleapis.com
fonts.gstatic.com
linkstorage.linkfire.com
static.assetlab.io
t0.gstatic.com
t2.gstatic.com
t3.gstatic.com
www.google.com
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
3.141.235.236
34.240.121.52
52.222.236.112
52.85.49.22
1aa0f5699802d679c320492033d1cb3aa3e87c3ab636866bc6d7885bd0b411e7
1e5f92dc304ca30ac63add4cebca209b257b4a781cd1ebae528a3326a8e0ec1f
3f23485df5ed4dce8e85e2305d3c2e58fd19ba87d36a3dc893cc75f33864566a
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4a06ecb3d8849a889b4daf5c0178f57ef9de8e91bcf359737425ebda87099312
52da3158656fa25f0cf23f4c607cec939b53480478e9f72dbc79c98aeeae664d
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
6524c350a290de87263e5f0c449fb7871e6aaa61a308540f42a8d16edb29945b
6a0b950cebebc50ccabfb8a46c12345218a551ef91d1bffca17810477a31ac02
977807492121faa589fbb4d39e2444e320f697b4d2e88d4f243c03d344a71b01
9bb89ddefc92c78b65b2513ebb084b771726b0d9ad03144df90df79db6036658
a1efc4e95231d97ab979c17291b98e24d8ef2f364bf7a5c5938703fecb20cf10
abd3d8341ba83929d5822eb57790302c2b5170ec5dece0bb050addb847666ab4
b590da37fcbf83a229b0381716043e528dfc75c947f5fe7a3094739926b06e8c
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
e7b29707ddd9bf0b1604fcbc8d6f4741d886de7361a9cba0cd0d1b38860af1d1
e92ad0b85e62c4b3258390a3b5f95d1da9e15e7356e348a2d7ab23652e4b63a1
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
eab87e0c7b3532e02bf6cc1fa87a16c3a331d138b583299a7e7478e0e6d6f3d9
eeb61a4acfca210aeaa064a5798bda26885940c00e3f44e300ac4dfaa5495a89
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

bio.to Open in urlscan Pro 34.240.121.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

74 %HTTPS

56 %IPv6

7 Domains

10 Subdomains

8 IPs

3 Countries

840 kBTransfer

1605 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

bio.to Open in urlscan Pro
34.240.121.52 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

74 %
HTTPS

56 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

840 kB
Transfer

1605 kB
Size

0
Cookies

19 HTTP transactions
2 data transactions