Submitted URL: https://au.admin.aest2.btlnet.com/
Effective URL: https://au.admin.aest2.btlnet.com/login
Submission Tags: krdprod
Submission: On October 02 via api from JP — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 52.48.155.162, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is au.admin.aest2.btlnet.com.
TLS certificate: Issued by R3 on October 1st 2021. Valid for: 3 months.
This is the only time au.admin.aest2.btlnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 52.48.155.162 16509 (AMAZON-02)
6 13.224.193.6 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
13 6
Domain Requested by
6 files.btlnet.com files.btlnet.com
4 fonts.gstatic.com fonts.googleapis.com
2 au.admin.aest2.btlnet.com 1 redirects
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com files.btlnet.com
13 5

This site contains no links.

Subject                      Issuer        Validity                   Valid
en.admin.aest2.btlnet.com    R3            2021-10-01 - 2021-12-30    3 months
files.btlnet.com             Amazon        2021-02-22 - 2022-03-23    a year
upload.video.google.com      GTS CA 1C3    2021-09-13 - 2021-11-20    2 months
*.gstatic.com                GTS CA 1C3    2021-09-13 - 2021-11-20    2 months

This page contains 1 frame:

Primary Page: https://au.admin.aest2.btlnet.com/login
Frame ID: 4940664E0D96D0D5ED1A5E88640FADE4
Requests: 14 HTTP requests in this frame

Page Title

Login | Australia Aesthetics

Page URL History

  1. https://au.admin.aest2.btlnet.com/ HTTP 302
    https://au.admin.aest2.btlnet.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Page Statistics

13 Requests
100 % HTTPS
60 % IPv6
3 Domains
5 Subdomains
6 IPs
3 Countries
617 kB Transfer
2094 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://au.admin.aest2.btlnet.com/ HTTP 302
    https://au.admin.aest2.btlnet.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set login
au.admin.aest2.btlnet.com/
Redirect Chain
  • https://au.admin.aest2.btlnet.com/
  • https://au.admin.aest2.btlnet.com/login
4 KB
4 KB
Document
General
Full URL
https://au.admin.aest2.btlnet.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.48.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-155-162.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.2 + Phusion Passenger(R) 6.0.9 / Phusion Passenger(R) 6.0.9
Resource Hash
0201f529c40b72ea7af04722eb6b886e8cc42a101de740ed48cfb63956ef0d3b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
au.admin.aest2.btlnet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Cookie
_btl_admin2_session=Baysu4fMz6Ix1HKb2%2BOBE9jJs7FvqbN8h3dPj6tymg6ZJ74wa1Hs7fKne34TrdNqyU0fIfsKp68n47NKcbK7mr%2BZky2SE7YVx5%2BXEG5K%2FuqriBAPVqNE2VgnYpKrbL4r9C9pJZ3xkqXusu34Qg1i79fiC1bRFjP00FibA1ZzeEkHsehSMcwzF2KagqvrD8ErNLo%2Fi%2BefuJ4NOZCaKGs0shheqPv3GEDiB36yI6pgsSL4YHwLj%2BMxu4hG7K0YFR%2F%2BwWt0PuEqd6pDZhyQpZxZelUv94WxdvpLnLavIyCuHiKRwj96lGbjk3dWbApe0%2BKuC4n35mql%2BsV%2BBpxjmA%2FXE2og8sGJr%2BbBBL8kX7DcyugfU0EeYCWoSuU7nJMjLUF%2BdVQmM516FeE7URg%3D--6wvLnfDkysN6G%2BMV--7%2FW4cK3ts7qtlpjgYVq49g%3D%3D

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
200 OK
Cache-Control
max-age=0, private, must-revalidate
Vary
Accept-Encoding
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Request-Id
8365240d-ce8a-4898-b9fd-4686f7897529
Link
<https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-d1d79ad171278499d61816c5a8b34ad1e7274253b4f503be9a0965fde8f6577d.css>; rel=preload; as=style; nopush,<https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/application-e3b4180a4bc13a1f4d4740800bd97a41fa804d3a759ec7cfa699007136f75fe3.css>; rel=preload; as=style; nopush,<https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/admin-font-awesome-4290dc6729afe8f8d32e4edbc236d4a63f039516a25a3ff5caba5ecc4adddc3e.css>; rel=preload; as=style; nopush,<https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-4177c42a62ed6823cfa923baa1ad3e40fc21f868fc9203692c5388c8d45dbf93.js>; rel=preload; as=script; crossorigin=anonymous; nopush,<https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/application-ff025dd91d4a6117f662e59d2341e308de2d851c9d55a288cc34317804208418.js>; rel=preload; as=script; crossorigin=anonymous; nopush
X-Download-Options
noopen
ETag
W/"10daaceb7579075251fac125c7c853e4"
X-Frame-Options
SAMEORIGIN
X-Runtime
0.036280
X-Content-Type-Options
nosniff
Date
Sat, 02 Oct 2021 00:37:33 GMT
Set-Cookie
_btl_admin2_session=S%2By1vjIu8SZ0T1DBCGFFu3cuMRxatxhq13mH%2F8Sei%2B5tjh1PrfAG0BA6JRzvoNojEyZcks0ttBhN8IGBY23KbG6dVLzto7VBJi3vL4J3NS5VII%2FXA4i17oIryScP6W5eBjnlP%2F7LaTmjMLvSVvE897Fm%2BvexY71NXdZmVpfj27oCoxFLSWnk3GDZw04AsjLE1UwFw9aaKtwTKUvh0HxRG59ozKEwCg1DZU56WaO54vLgFS6RPDjz6CvCt2InnwyQbmoK4LV5xB3ANlW1ZuzXriivdQJQcINoJt64hc7Crx2RVQ2iVzhmWBHvwxhxcvEaLEpiRmSwEZswHvNqHlpB--ilp6wJ946Pcwh3uV--IYVwIzcK%2B%2FZYnfRq17WXiQ%3D%3D; path=/; HttpOnly; SameSite=Lax
X-Powered-By
Phusion Passenger(R) 6.0.9
Server
nginx/1.14.2 + Phusion Passenger(R) 6.0.9
Strict-Transport-Security
max-age=0

Redirect headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
302 Found
Cache-Control
no-cache
X-Request-Id
b98b05eb-2e10-4262-96c7-cc7676dbaba3
Location
https://au.admin.aest2.btlnet.com/login
X-Runtime
0.007446
Date
Sat, 02 Oct 2021 00:37:33 GMT
Set-Cookie
_btl_admin2_session=Baysu4fMz6Ix1HKb2%2BOBE9jJs7FvqbN8h3dPj6tymg6ZJ74wa1Hs7fKne34TrdNqyU0fIfsKp68n47NKcbK7mr%2BZky2SE7YVx5%2BXEG5K%2FuqriBAPVqNE2VgnYpKrbL4r9C9pJZ3xkqXusu34Qg1i79fiC1bRFjP00FibA1ZzeEkHsehSMcwzF2KagqvrD8ErNLo%2Fi%2BefuJ4NOZCaKGs0shheqPv3GEDiB36yI6pgsSL4YHwLj%2BMxu4hG7K0YFR%2F%2BwWt0PuEqd6pDZhyQpZxZelUv94WxdvpLnLavIyCuHiKRwj96lGbjk3dWbApe0%2BKuC4n35mql%2BsV%2BBpxjmA%2FXE2og8sGJr%2BbBBL8kX7DcyugfU0EeYCWoSuU7nJMjLUF%2BdVQmM516FeE7URg%3D--6wvLnfDkysN6G%2BMV--7%2FW4cK3ts7qtlpjgYVq49g%3D%3D; path=/; HttpOnly; SameSite=Lax
X-Powered-By
Phusion Passenger(R) 6.0.9
Server
nginx/1.14.2 + Phusion Passenger(R) 6.0.9
Strict-Transport-Security
max-age=0
active_admin-d1d79ad171278499d61816c5a8b34ad1e7274253b4f503be9a0965fde8f6577d.css
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/
160 KB
27 KB
Stylesheet
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-d1d79ad171278499d61816c5a8b34ad1e7274253b4f503be9a0965fde8f6577d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f32b7ee37de29d762d19c0846802b5b24f0db5a337c1e1dd16f402a33900a76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://au.admin.aest2.btlnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:43:10 GMT
content-encoding
gzip
age
46464
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
27169
last-modified
Fri, 17 Sep 2021 13:21:09 GMT
server
AmazonS3
etag
"354cc92396d8ab74e3c4af6ae6f34476"
x-amz-version-id
basvjOpOdcPyyWziibtVSqmjaPaG6hrx
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
0NgM70PifKXC_WudQGHo4HXivvVqoN0Nz-qZI9ptsyBNvv315_-a6w==
expires
Sat, 17 Sep 2022 19:21:08 GMT
application-e3b4180a4bc13a1f4d4740800bd97a41fa804d3a759ec7cfa699007136f75fe3.css
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/
21 KB
5 KB
Stylesheet
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/application-e3b4180a4bc13a1f4d4740800bd97a41fa804d3a759ec7cfa699007136f75fe3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c37bbe89b52b1a371a69e3a33646f9209d8d787ed5a0c7c5057417e4749a869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://au.admin.aest2.btlnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:43:10 GMT
content-encoding
gzip
age
46464
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
4695
last-modified
Fri, 17 Sep 2021 13:21:09 GMT
server
AmazonS3
etag
"8a94c224ea75fef607f2eb97e53e4aa2"
x-amz-version-id
_8uLdNPPDuVvJZEsPU4h4kSYY1h5AYKf
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
cwpFXh_B-R2z9HqS9fZdki3Iv8e4h5BRVo9-BKQiNTwiBaoAeXDYtQ==
expires
Sat, 17 Sep 2022 19:21:08 GMT
admin-font-awesome-4290dc6729afe8f8d32e4edbc236d4a63f039516a25a3ff5caba5ecc4adddc3e.css
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/
94 KB
18 KB
Stylesheet
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/admin-font-awesome-4290dc6729afe8f8d32e4edbc236d4a63f039516a25a3ff5caba5ecc4adddc3e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18fbe35effc8230df618c104a11467c45462a033c3e0bab809d3aae974a18455

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://au.admin.aest2.btlnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:37:34 GMT
content-encoding
gzip
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-length
17505
last-modified
Fri, 17 Sep 2021 13:21:09 GMT
server
AmazonS3
etag
"b070dc77ad5659ac6d0b717ccac5fb8d"
x-amz-version-id
ehxTq2kNJt2MCD53SkMJXTDhEKJ5iD6Y
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
V3-ifwd3a8XFzyP6vBXPoIsWdXTgjBYfyMWLGsBseq0Eyb_qiVOeIA==
expires
Sat, 17 Sep 2022 19:21:08 GMT
active_admin-4177c42a62ed6823cfa923baa1ad3e40fc21f868fc9203692c5388c8d45dbf93.js
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/
2 MB
444 KB
Script
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-4177c42a62ed6823cfa923baa1ad3e40fc21f868fc9203692c5388c8d45dbf93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6747b6aec7819ae0737eba1fc2e46d5eea6a60213928e2e393a496aeb1ebb4b

Request headers

Referer
https://au.admin.aest2.btlnet.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:47:44 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46190
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
453215
access-control-allow-origin
*
last-modified
Fri, 24 Sep 2021 10:14:57 GMT
server
AmazonS3
etag
"31caf0d4b41ce60cf19990e431cea599"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-amz-version-id
m_BT8kSJRGSBovWP156W_o1v6iE3q070
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9CeajVZf9YJNlRkg5iMvg8wo7hN4KxBfdHIgTvbHgxkWZ2DuGWYXhA==
expires
Sat, 24 Sep 2022 16:14:56 GMT
application-ff025dd91d4a6117f662e59d2341e308de2d851c9d55a288cc34317804208418.js
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/
126 KB
23 KB
Script
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/application-ff025dd91d4a6117f662e59d2341e308de2d851c9d55a288cc34317804208418.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a67e79ed1a5659954ebb5c25cec6a6730effa8576474160687eb6a482ac7135

Request headers

Referer
https://au.admin.aest2.btlnet.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:43:10 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46464
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
22530
access-control-allow-origin
*
last-modified
Fri, 24 Sep 2021 13:29:43 GMT
server
AmazonS3
etag
"ad920cc89759b6381202c14a72590906"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-amz-version-id
hcp1grlxRKnNGnhm2315iO.tJurbmsWz
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
B4uhZu77ovicDa2DQ_fNZEaxbNQXdvGZkQ2wBeeXzIS395bMR9HvOA==
expires
Sat, 24 Sep 2022 19:29:42 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
14 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: files.btlnet.com
URL: https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-4177c42a62ed6823cfa923baa1ad3e40fc21f868fc9203692c5388c8d45dbf93.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://au.admin.aest2.btlnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 08:37:10 GMT
x-content-type-options
nosniff
age
144023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13188
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 30 Sep 2022 08:37:10 GMT
bg-727c5ec2e7c82a0b49ed4f0a0e415810ec7696848a605e2bdcdcc2a7f837b138.jpg
files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin/
18 KB
19 KB
Image
General
Full URL
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin/bg-727c5ec2e7c82a0b49ed4f0a0e415810ec7696848a605e2bdcdcc2a7f837b138.jpg
Requested by
Host: files.btlnet.com
URL: https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-d1d79ad171278499d61816c5a8b34ad1e7274253b4f503be9a0965fde8f6577d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-6.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c46f435aa74a2055585c6d11aea9706f4a97fc951537d2633a0e292eb6947e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://files.btlnet.com/assets/a/882e247f-d727-4b38-baaf-e6453f60cfd4/active_admin-d1d79ad171278499d61816c5a8b34ad1e7274253b4f503be9a0965fde8f6577d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:43:10 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
age
46464
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
18746
last-modified
Fri, 17 Sep 2021 13:21:48 GMT
server
AmazonS3
etag
"27614bae5fbae19aa2a2bfa842f09780"
x-amz-version-id
iJ_tNlebzy80LNUQwlek4DOzqf_4qFAM
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
Vff5YFIhvsdot-xdz27OGWFQaGegauP3GK_u4Rq5jgz5HdiBJWjH9g==
expires
Sat, 17 Sep 2022 19:21:47 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=RobotoDraft:regular,medium,bold,italic&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67e5fcfd0cd5968eff1509e274c4d1a19718d7a51c9e21320dde927c3f6939ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://au.admin.aest2.btlnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 00:37:34 GMT
server
ESF
date
Sat, 02 Oct 2021 00:37:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 00:37:34 GMT
2sDHZGBLgJnUjLre-wxFG10ABq0aRCw.woff2
fonts.gstatic.com/s/robotodraft/v10/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v10/2sDHZGBLgJnUjLre-wxFG10ABq0aRCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RobotoDraft:regular,medium,bold,italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73cde620c1df5b268a50016363a0d231de55b61baf98d46a3971b22c196c012a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:59:01 GMT
x-content-type-options
nosniff
age
394713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15588
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:30:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 10:59:01 GMT
2sDaZGBLgJnUjLre-wxFG1W7I7g.woff2
fonts.gstatic.com/s/robotodraft/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v10/2sDaZGBLgJnUjLre-wxFG1W7I7g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RobotoDraft:regular,medium,bold,italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485e2dcff4bd3a0fb758f568dc1555292be94a1da6c51590ae9c2b2011b76966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 17:39:13 GMT
x-content-type-options
nosniff
age
284301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15492
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:07:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 17:39:13 GMT
2sDHZGBLgJnUjLre-wxFG11IAK0aRCw.woff2
fonts.gstatic.com/s/robotodraft/v10/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v10/2sDHZGBLgJnUjLre-wxFG11IAK0aRCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RobotoDraft:regular,medium,bold,italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ef64c0f0b2e76cf3dc7c09183491a46d555a7e8c246b80d680c83deb058e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:26:04 GMT
x-content-type-options
nosniff
age
54690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15596
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 01 Oct 2022 09:26:04 GMT
2sDYZGBLgJnUjLre-wxFG1W-E7o9YQ.woff2
fonts.gstatic.com/s/robotodraft/v10/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotodraft/v10/2sDYZGBLgJnUjLre-wxFG1W-E7o9YQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=RobotoDraft:regular,medium,bold,italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
642f2c8f0e794a463bea17e3aedb9b408c4831283f82c64fd8e901abef22c14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://au.admin.aest2.btlnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 21:02:11 GMT
x-content-type-options
nosniff
age
185723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16816
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:13:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Sep 2022 21:02:11 GMT

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| dfEvalCondition
function| dfSetupField
function| dfSetValue
function| dfUpdateField
function| initDynamicFields
function| initSFJB
function| addField
function| requiredField
function| selectedChoice
function| addChoice
function| loadForm
function| initEasyUi
function| buttonValidationError
function| initSortable
function| initCustomForm
string| CKEDITOR_BASEPATH
boolean| MXI_DEBUG
function| $
function| jQuery
object| ActiveAdmin
object| CKEDITOR
object| moxie
object| plupload
object| WebFontConfig
function| delay
function| generateGUID
function| openWin
function| openViewer
function| openShots
function| openCustomFormEditor
function| openCKBrowser
function| customButton
function| copyLink
function| finishMovement
function| finishTraversable
function| reloadTreegrid
function| cloneOutsideMultiple
function| copyToPageMultiple
function| exportFormSubmissions
function| exportProvider
function| exportProviderPlaceSubmissions
function| exportProviderClinicSubmissions
function| exportTranslationMultiple
function| createContentItem
function| finishCreateContentItem
function| moveItem
function| moveItemDetail
function| actionItem
function| deleteObject
function| deleteMultipleDatagrid
function| deleteMultipleTreegrid
function| deleteMultipleContentItems
function| deleteHi
function| deleteHiMultiple
function| workingCopy
function| markAsDoneTranslation
function| markAsDoneContentPointerMutation
function| showContentType
function| gridNullFormatter
function| gridNullStyler
function| updateMenu
function| prepareValidations
function| ckEditorValidationError
function| prepare_autocomplete_input
function| plUploadError
function| inViewport
function| initGrids
function| cellStylerInternalName
function| initModal
function| initComboBox
function| initAutocompleteBox
function| initAutocompleteLocalBox
function| initAutocompleteGridBox
function| initAutocompleteTreeBox
function| initAutocompleteTagBox
function| initTagBox
function| initCheckBox
function| initSwitchButton
function| initRadio
function| initSlider
function| initNumberBox
function| initMaskedBox
function| initPasswordBox
function| initTextBox
function| initTextArea
function| initDateBox
function| initColorBox
function| initFileBox
function| initCKEditorBox
function| initHierarchyItem
function| showContentChanges
function| showViewer
object| WebFont

1 Cookies

Domain/Path Name / Value
au.admin.aest2.btlnet.com/ Name: _btl_admin2_session
Value: S%2By1vjIu8SZ0T1DBCGFFu3cuMRxatxhq13mH%2F8Sei%2B5tjh1PrfAG0BA6JRzvoNojEyZcks0ttBhN8IGBY23KbG6dVLzto7VBJi3vL4J3NS5VII%2FXA4i17oIryScP6W5eBjnlP%2F7LaTmjMLvSVvE897Fm%2BvexY71NXdZmVpfj27oCoxFLSWnk3GDZw04AsjLE1UwFw9aaKtwTKUvh0HxRG59ozKEwCg1DZU56WaO54vLgFS6RPDjz6CvCt2InnwyQbmoK4LV5xB3ANlW1ZuzXriivdQJQcINoJt64hc7Crx2RVQ2iVzhmWBHvwxhxcvEaLEpiRmSwEZswHvNqHlpB--ilp6wJ946Pcwh3uV--IYVwIzcK%2B%2FZYnfRq17WXiQ%3D%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block