Submitted URL: http://support.bayanonline.org/
Effective URL: https://support.bayanonline.org/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On May 16 via api from IT — Scanned from IT

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 28 HTTP transactions. The main IP is 199.60.103.254, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is support.bayanonline.org.
TLS certificate: Issued by GTS CA 1P5 on May 16th 2024. Valid for: 3 months.
This is the only time support.bayanonline.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 199.60.103.254 209242 (CLOUDFLAR...)
5 104.18.88.62 13335 (CLOUDFLAR...)
1 104.17.175.91 13335 (CLOUDFLAR...)
2 104.16.107.254 13335 (CLOUDFLAR...)
1 104.17.223.152 13335 (CLOUDFLAR...)
3 172.64.153.27 13335 (CLOUDFLAR...)
1 104.17.175.201 13335 (CLOUDFLAR...)
2 104.16.117.116 13335 (CLOUDFLAR...)
2 104.16.118.116 13335 (CLOUDFLAR...)
1 142.250.186.42 15169 (GOOGLE)
1 104.19.175.188 13335 (CLOUDFLAR...)
2 216.58.206.67 15169 (GOOGLE)
28 12
Apex Domain
Subdomains
Transfer
7 bayanonline.org
support.bayanonline.org
75 KB
5 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8737
10 KB
4 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 4098
app.hubspot.com — Cisco Umbrella Rank: 5794
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4060
track.hubspot.com — Cisco Umbrella Rank: 2393
27 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2189
24 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4572
forms.hscollectedforms.net — Cisco Umbrella Rank: 4722
26 KB
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 4386
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
868 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2225
21 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3146
4 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5709
5 KB
28 11
Domain Requested by
7 support.bayanonline.org support.bayanonline.org
5 cdn2.hubspot.net support.bayanonline.org
3 js.hs-banner.com support.bayanonline.org
js.hs-banner.com
2 fonts.gstatic.com fonts.googleapis.com
1 track.hubspot.com
1 perf-na1.hsforms.com support.bayanonline.org
1 forms.hscollectedforms.net js.hscollectedforms.net
1 fonts.googleapis.com js.hs-banner.com
1 cta-service-cms2.hubspot.com js.hubspot.com
1 app.hubspot.com support.bayanonline.org
1 js.hubspot.com support.bayanonline.org
1 js.hs-analytics.net support.bayanonline.org
1 js.hsadspixel.net support.bayanonline.org
1 js.hscollectedforms.net support.bayanonline.org
1 static.hsappstatic.net support.bayanonline.org
28 15

This site contains links to these domains. Also see Links.

Domain
www.bayanonline.org
Subject Issuer Validity Valid
support.bayanonline.org
GTS CA 1P5
2024-05-16 -
2024-08-14
3 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3
2024-03-06 -
2024-12-31
10 months crt.sh
hsappstatic.net
E1
2024-05-08 -
2024-08-06
3 months crt.sh
hscollectedforms.net
E1
2024-03-29 -
2024-06-27
3 months crt.sh
hsadspixel.net
E1
2024-04-16 -
2024-07-15
3 months crt.sh
hs-banner.com
E1
2024-04-01 -
2024-06-30
3 months crt.sh
hs-analytics.net
GTS CA 1P5
2024-04-13 -
2024-07-12
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
hsforms.com
GTS CA 1P5
2024-04-17 -
2024-07-16
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://support.bayanonline.org/
Frame ID: D32C660A4BDACE0457B92C73130B0397
Requests: 27 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://support.bayanonline.org/ HTTP 307
    https://support.bayanonline.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

12
IPs

2
Countries

240 kB
Transfer

505 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://support.bayanonline.org/ HTTP 307
    https://support.bayanonline.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
support.bayanonline.org/
Redirect Chain
  • http://support.bayanonline.org/
  • https://support.bayanonline.org/
47 KB
10 KB
Document
General
Full URL
https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
340829420cf9093052090442d19fbff8839d083faa34d9c4acacf6c5742aa4b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=5,max-age=5
cf-cache-status
EXPIRED
cf-ray
8849b3d2ea410e61-MXP
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Thu, 16 May 2024 07:37:26 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Z3xU4mLRL5IXThOZZNF1yYgMNJZ4sQZJI0dukjouQtKlQt8ZJ5ZSx%2FQTCJNQCci9jGNhv%2BJ54vvFabX2Nq11OQ%2Frrjq3a3tCnbMcQXWrWgqqZ1AwRzxCswAyXjOM2N9adpDNRh0chB7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation-rules?url=support.bayanonline.org%2F"
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
72
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/cms-20-29-td/envoy-proxy-799fdf4564-pghq7
x-evy-trace-virtual-host
all
x-hs-prerendered-error
Wed, 06 Mar 2024 10:16:09 GMT
x-hs-reason
No view mapper found to handle request
x-hubspot-correlation-id
4a9fe2b1-a144-4a77-962e-6e797c95be2f
x-hubspot-notfound
true
x-request-id
4a9fe2b1-a144-4a77-962e-6e797c95be2f

Redirect headers

Location
https://support.bayanonline.org/
Non-Authoritative-Reason
HttpsUpgrades
speculation-rules
support.bayanonline.org/cdn-cgi/
0
0
Other
General
Full URL
https://support.bayanonline.org/cdn-cgi/speculation-rules?url=support.bayanonline.org%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Origin
https://support.bayanonline.org
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:26 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPFb56ti%2FnUKuLD3FiVJ%2B2d16BBt%2Bn6oMGjOc%2BRCrLuJUzazT8apNozpWQVvlmcfoJo%2FAMo96jp3S0zreIXxfsD2af%2F4vtxxbXkiE0VSAPLW%2B3LzHSqlTTbKHVaW5Ymih%2BYmom%2B1qZfj"}],"group":"cf-nel","max_age":604800}
content-type
application/speculationrules+json
cf-ray
8849b3d52e5c0e61-MXP
alt-svc
h3=":443"; ma=86400
content-length
15
main.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587129227/hubspot/session/css/
16 KB
5 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587129227/hubspot/session/css/main.min.css
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd52acc2e3ed50f3594b3a9cd1a7528317faf81abc1804970128299e6aba4055

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
1063123
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"7678e930d71e1983c6f4d313eac22fe2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1709587130047
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
02f6f417-50c6-4e23-accf-3f4c2a370f73
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
164
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
02f6f417-50c6-4e23-accf-3f4c2a370f73
last-modified
Mon, 04 Mar 2024 21:18:51 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Blnl5yQ6B8B%2FS63VaSylDr%2BtbO%2B%2B1e6XM4PLr76%2Fg4SnJbrzWE1kl1sV%2FlSEKIfa11sRIS7jhWNIRRYooNKqhflO82ALBUxDOs45p5BCzcX6g9JIAsYxPcFjjhxaThDT95c%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray
8849b3d8280c4be9-MXP
timing-allow-origin
cdn2.hubspot.net
system.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587125371/hubspot/session/css/templates/
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587125371/hubspot/session/css/templates/system.min.css
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b4d81789a88733c384f39a7634d75942fde839725e62cb3637afecd123469b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
1069082
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"83e964dbcea772613f2b4558e5d0331e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1709587126025
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
ff80cb95-c64c-4a43-b523-cf8af2ba6eae
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
161
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
ff80cb95-c64c-4a43-b523-cf8af2ba6eae
last-modified
Mon, 04 Mar 2024 21:18:47 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z%2Fl%2FtdRd6nI9yk%2FBWLFGeNPLuKg8aQQibxuIzIkoTT6SssRhZd5%2BaEHqhSk2jWivkxxIDPEJum9nDMm8mr6JK0KQdEmViR9nvEPzuXe4OYMcCaS4HzbbaWKQcQ19UX7FYQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray
8849b3d828114be9-MXP
timing-allow-origin
cdn2.hubspot.net
module_-25202732329_Menu.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1709693258489/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1709693258489/module_-25202732329_Menu.min.css
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d47de9a5721cf96ec3d04544d26a843f4740f688387e2ed5467aed7fb1ea14

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
966238
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"047f382d735397d21c6a7cd83cd4fc63"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1709693258489
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
c725a9b6-5d17-46f0-81cc-a264a8993bc2
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
146
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
c725a9b6-5d17-46f0-81cc-a264a8993bc2
last-modified
Wed, 06 Mar 2024 02:47:39 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0k9rZ9eLfvmpfKY%2BRUqsQ%2B5lX%2F8oqK9XmWA3X03XmZqhpazYzzg2snsnWBqbI8qSWqPJCZSlbtwQxeg1m7WGC2Gl5kHjWIbC0JrTWndEDU1rnjYyofjq0zVtMz8y9pjbxU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray
8849b3d828104be9-MXP
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.717/
13 KB
5 KB
Script
General
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.717/embed.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.175.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d6b3ab9eaa454416f840a5e837c83451a80083393f9da3a9355770004cf351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:27 GMT
x-amz-version-id
jp75NmV7naz7Gz7NlqYDnQ00gtr7FLxE
via
1.1 33e14b5e35da41c50782d5d51d6b09a8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP63-P2
age
1418982
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Feb 2024 20:51:13 GMT
server
cloudflare
etag
W/"3ef631314aaf7605ed20df9a1b273ca1"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1z3KGB%2BAAZfT2QGjGndhdKxzgn2hs7qZUU6E%2FjaNeb%2FLeopjjsVwmquA2whuSAd0rBW2ZYRl2y6IPxPuYnbJpIabck1hpt50uIAd%2FNUflQnqnQ7X1J9hSDoc6DnUUvIG%2FQt3yW%2BLGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8849b3db9b6a0e51-MXP
x-amz-cf-id
1NPtiqchNdfiPBFdwA_UaXygJBZoDOxrrRSj46WoqaLA6A22_tU2sg==
expires
Fri, 16 May 2025 07:37:27 GMT
main.min.js
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587119754/hubspot/session/js/
1 KB
1 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1709587119754/hubspot/session/js/main.min.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9c86fb2ed23c10fb9f7256229e085f179b8b638055309930939d79efea0b33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
1073411
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"f841250c79be64a5ad06d530648283e6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1709587119911
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
ef0843ec-7e34-4ab9-9829-ab9c2a524675
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
201
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
ef0843ec-7e34-4ab9-9829-ab9c2a524675
last-modified
Mon, 04 Mar 2024 21:18:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3T40%2FQNixXy8OLfozpKgNX96i7cVNUAs%2ByVK15CpFejoXNC%2BmjMziOn19g1Zwd5t%2BeF%2BV%2BCCJCoAsE469JX9SvFOqKIfinFSBhfSDMU5HLzGg2YMgVyxAhNpObKyJzhbLk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray
8849b3d828164be9-MXP
timing-allow-origin
cdn2.hubspot.net
project.js
support.bayanonline.org/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
1 KB
Script
General
Full URL
https://support.bayanonline.org/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:26 GMT
strict-transport-security
max-age=31536000
via
1.1 032d5acf8b9877b36c8078e2a86a3836.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
4876777
x-amz-cf-pop
MXP63-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Na5oFtbfzoOTgHtAXyNqYN4owyiuqmoJ8Ydi6ktXZVY2HqrCJdoCNxpIbU5C2thkG1dzLMC1HRcY5XQJ5y%2Fag7SIe3Nk5Dho4atEvg%2FD36AEg82mQ6U5B%2BneVNxhzL%2FnCp5qywdP%2Bdd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8849b3d54eb30e61-MXP
x-amz-cf-id
g7aV13gIRreP17-H83ceFqxmrwJ42vExRh50bjxJmIYmj5Xmf3fj6Q==
expires
Fri, 16 May 2025 07:37:26 GMT
module_-25202732329_Menu.min.js
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1709693257790/
349 B
658 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1709693257790/module_-25202732329_Menu.min.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71fe37ecfc22727832f2ebedb2f036c3360a2350a7a53e90a2a508513ec05af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
949939
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"ac432fe795742ca5389e59414a7e03e8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1709693257790
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
7532e41b-5259-4374-b293-4658244305a0
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
169
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
7532e41b-5259-4374-b293-4658244305a0
last-modified
Wed, 06 Mar 2024 02:47:38 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhPZO78%2F0DZ%2F4Log03IpccBzDznr60qGV1HwDFVm67F%2FxCbwSlD3J3v0v6cIS%2F71hIToEGJDVZ%2BQZT86V07hL1juOleTZA6jUxXoyx0Q6l%2B9yQFRu8Bdrq9r6sZ2LE6pJkw%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray
8849b3d828134be9-MXP
20234420.js
support.bayanonline.org/hs/scriptloader/
2 KB
1 KB
Script
General
Full URL
https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fe315fb5906aca3a52200bb9aec6f1877c6dd1f467b5d44e2fc4f4c100a2ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0f177e68-ff68-437c-8cd4-28f4902e3c44
content-encoding
br
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0f177e68-ff68-437c-8cd4-28f4902e3c44
last-modified
Thu, 16 May 2024 07:37:27 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://support.bayanonline.org
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5d47c8d44f-7c5tp
cache-control
public, max-age=90
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wDtUVqOfH4XQB17hJGVZwW6cFlR9AIdngWULALeKlV%2BBGRnfEN5T%2BxqcVFhqCZAAB6MTYZJaBrsyNjiZmyp7yoVRICgbLoGpPvA6gTaGdesCehJbwYtfZmYYQHiY9BguQIendgI7mpd"}],"group":"cf-nel","max_age":604800}
cf-ray
8849b3d8edaf0e61-MXP
expires
Thu, 16 May 2024 07:38:57 GMT
index.js
support.bayanonline.org/hs/hsstatic/HubspotToolsMenu/static-1.306/js/
12 KB
5 KB
Script
General
Full URL
https://support.bayanonline.org/hs/hsstatic/HubspotToolsMenu/static-1.306/js/index.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece800b64104306a9cbd7d25e04cd00d059860f9911ffc7979f2c2453c98fa4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:27 GMT
strict-transport-security
max-age=31536000
via
1.1 33e14b5e35da41c50782d5d51d6b09a8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
6261793
x-amz-cf-pop
MXP63-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
nkYWEsJeBBBSkgKe.x3v3cHrmwsGmdMQ
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 22 Feb 2024 19:54:51 GMT
server
cloudflare
etag
W/"67f399904da15fb5553302476b8bd9db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gX%2BHChpqCyHeGHYrt2ZTxfv9AyApJBomdE%2FONuC75KgI7doFNPNBA9zIkCoxdsbNs%2BXC7PrhUqTuf10gBx6pWABcAt5pyBd5bN5tr5TqIhOdEl9F5KKrrPElex0e7vTqMBERNlrd0pw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8849b3d8edb50e61-MXP
x-amz-cf-id
MooUqjOV4w-su5GlfLg_SWGyX3wIz0etSKkzAMnYTyymwt6TlnRKUQ==
expires
Fri, 16 May 2025 07:37:27 GMT
Bayan-Only-Color-on-Clear-1.png
support.bayanonline.org/hs-fs/hubfs/
5 KB
6 KB
Image
General
Full URL
https://support.bayanonline.org/hs-fs/hubfs/Bayan-Only-Color-on-Clear-1.png?width=180&height=80&name=Bayan-Only-Color-on-Clear-1.png
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af67338abcbd697a169889a34c250003171e6575d376c7644a4837ff28ce0d7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
strict-transport-security
max-age=31536000
via
1.1 aa89236c3ef628703c4b8322e4ce6d96.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag
F-68818813585,P-20234420,FLS-ALL
alt-svc
h3=":443"; ma=86400
content-length
5004
cf-resized
internal=ok/m q=0 n=761+0 c=0+5 v=2024.5.2 l=5004
last-modified
Thu, 17 Mar 2022 17:44:01 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfthZPJdL00VUm9Ei6jH2LW5-MqqgS993RVc40B_yODQ:a22a561c70886dd552e507c7d8a9aa0a"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmnUQ4Aj%2FGaF%2FoUbEslEWomaDdF8v4%2FmAXjD6I1oJiQnGNR9poEi2HC6TEnQHu0vxqJcQT%2BY3M8ZOYemTlO5S2VpuvpUqSh6qUqVYKKQqGTzVg8itNx6WcvF2l966k09HBW%2BGUYht9gy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
8849b3d92e4d0e61-MXP
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Origin
https://support.bayanonline.org
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7f224aea-906b-4ee7-86ec-6dd86a01339d
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8849b3dd4b1b522e-MXP
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7f224aea-906b-4ee7-86ec-6dd86a01339d
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
cf-ray
8849b3dd4b1b522e-MXP
x-amz-cf-id
WXo5IR0bOIv-K1YeBNwug5ckTfHt65026Zp9gd0dnqVui_sY6dWwCw==
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:27 GMT
x-amz-version-id
mFY3j4a3uPqa1nxwSjuH9WwSOlmw5rRi
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
293
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.557/bundles/pixels-release.js&cfRay=8849acb21ed25236-MXP
x-cache
Hit from cloudfront
x-hubspot-correlation-id
e2c1c85b-290d-46a2-9129-44c884665140
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e2c1c85b-290d-46a2-9129-44c884665140
last-modified
Mon, 13 May 2024 14:08:11 UTC
server
cloudflare
etag
W/"c43db96a42a0426e882c9ce0209630a5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
cf-ray
8849b3dd0d324be7-MXP
x-amz-cf-id
BgJEy9N4CHgIERumldACPNISRTwtjHax24qwl0zvsUOzlmO4b7sBdw==
x-hs-target-asset
adsscriptloaderstatic/static-1.557/bundles/pixels-release.js
banner.js
js.hs-banner.com/v2/20234420/
79 KB
24 KB
Script
General
Full URL
https://js.hs-banner.com/v2/20234420/banner.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a000494c65be3edd8d9b463fbbb6eb79759712e9fb925c37bddb5da32195d13

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
x-amz-version-id
bM4Vf1fzKlr6FJnd5zrxUwoOH6o4dNGu
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
ARZ1SCYXZJXZC6PK
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b646a01c-ee29-4846-9c2f-aef5d34a691f
x-envoy-upstream-service-time
98
x-amz-id-2
YpUtFUdKxIGRkUNgJnUOEmOezm7bx4PHHmQ0MU6YLWcRypu1YIVvNw7AQ1tsWAAskQjDefCsi8M=
x-evy-trace-listener
listener_https
x-request-id
b646a01c-ee29-4846-9c2f-aef5d34a691f
x-evy-trace-route-configuration
listener_https/all
last-modified
Sun, 28 Apr 2024 02:33:27 GMT
server
cloudflare
etag
W/"4b2636ea55079111167c1a8346f566ba"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.bayanonline.org
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8849b3dd0b570e85-MXP
expires
Thu, 16 May 2024 07:42:27 GMT
20234420.js
js.hs-analytics.net/analytics/1715844900000/
67 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1715844900000/20234420.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae68d85154159b9126b88df1cd77a310a05e065b984ae125feee60aff16f6292

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
FTQ0DHBV5FZPWEP2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
a5819650-cb75-4483-b4db-36645f3a88dd
x-envoy-upstream-service-time
70
x-amz-id-2
LRG+QHf5RGk4wPXYwhJVhHz31GUvHF7Ca6V4ZZPRywm/M7w4486JvjUNP9n60qrMG06WJuwFBSc=
x-evy-trace-listener
listener_https
x-request-id
a5819650-cb75-4483-b4db-36645f3a88dd
x-evy-trace-route-configuration
listener_https/all
last-modified
Sun, 28 Apr 2024 02:33:26 GMT
server
cloudflare
etag
W/"979da08247db09c03cdcb62be4bf5239"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8849b3dd0c6559ef-MXP
expires
Thu, 16 May 2024 07:42:27 GMT
web-interactives-embed.js
js.hubspot.com/
82 KB
25 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/scriptloader/20234420.js?businessUnitId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Origin
https://support.bayanonline.org
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1122/bundles/project.js&cfRay=8849b3dd09234be2-MXP
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"fa60ef0d372e46facb8180b2d901ba81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1122/bundles/project.js
date
Thu, 16 May 2024 07:37:27 GMT
x-amz-version-id
TKnbzs9HpFoaV4UGBsfs5UANej3HQBO9
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
78c6d4c7-bdf3-42c9-b1b9-25f4d1614d9a
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-evy-trace-route-configuration
listener_https/all
x-request-id
78c6d4c7-bdf3-42c9-b1b9-25f4d1614d9a
last-modified
Tue, 14 May 2024 11:26:52 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xT%2FWkzM6WA2GX0Am%2FmqrZ4OtYs%2FHlT44qtRh4Ox7uxTuXAvRAjcAPiwc2vyMIcxQwKGtBJxT3IwRcnwld97I0ARABSzIKVD%2Bxe%2B91X04SS4p1RhPDk%2BVdJ8Fpxx1aIs1"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-w988t
cf-ray
8849b3dd09234be2-MXP
x-amz-cf-id
2F4AcUIGv8IBWF5Jnth3_gsp49Rh_JEuEnflO7jGLVJdkfG2lRB0Hw==
has-permission-json
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
1 KB
XHR
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=20234420
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/hs/hsstatic/HubspotToolsMenu/static-1.306/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a760980d-01a9-41af-b95f-7c641c0eb1ba
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8849b3df1d3d0dfe&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
a760980d-01a9-41af-b95f-7c641c0eb1ba
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin
https://support.bayanonline.org
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-zjnrr
cache-control
max-age=0
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
cf-ray
8849b3df1d3d0dfe-MXP
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
433 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=20234420&currentUrl=https%3A%2F%2Fsupport.bayanonline.org%2F&contentId=null
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
05e803f1-4e3a-4563-a319-ed462919f8e4
content-encoding
br
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
05e803f1-4e3a-4563-a319-ed462919f8e4
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://support.bayanonline.org
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUy8GB7uP87VWyzN35jJpYKI8FcIrrWvLOlXQ3oCpYkMaikFAPVHQqkiJmMKkEeFYC0bN6DUkDjPiZKECjQQ4eqQV5TNF%2F04iwV6ZmMXCojbD5e8oJeUxWFGmB3HCQzjicnOAF0Md8kjiDxPipM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8849b3de9afb4be2-MXP
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-h57s4
view
js.hs-banner.com/v2/activity/
0
0
Preflight
General
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.bayanonline.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://support.bayanonline.org
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
8849b3e1af6e83ac-MXP
content-length
0
content-type
application/octet-stream
date
Thu, 16 May 2024 07:37:28 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
10
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
f2de7fcf-e252-4851-b946-d61c5b59172b
x-request-id
f2de7fcf-e252-4851-b946-d61c5b59172b
css2
fonts.googleapis.com/
2 KB
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20234420/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 May 2024 07:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 May 2024 05:46:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 May 2024 07:37:28 GMT
view
js.hs-banner.com/v2/activity/
0
0
Fetch
General
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/20234420/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-hubspot-correlation-id
eaa4a4a8-db1b-472a-8598-3f9c5f64aed3
x-envoy-upstream-service-time
21
x-evy-trace-route-configuration
listener_http/all, listener_https/all
x-evy-trace-listener
listener_http, listener_https
x-request-id
eaa4a4a8-db1b-472a-8598-3f9c5f64aed3
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host
all, all
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-5f998ff6dc-8drbk, iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin
https://support.bayanonline.org
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8849b3e2b8db83ac-MXP
json
forms.hscollectedforms.net/collected-forms/v1/config/
135 B
455 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20234420&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a5474dc83fa5ed7d12f81e8a70be383df07e0a63fb3b65dd663f52e1ea7338
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3da591b6-e090-4f7a-a7a0-bbe73847133f
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3da591b6-e090-4f7a-a7a0-bbe73847133f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://support.bayanonline.org
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-r5jtt
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8849b3df9e57522e-MXP
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: support.bayanonline.org
URL: https://support.bayanonline.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 16 May 2024 07:37:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
e50b49f6-827b-45af-890e-4feddbb08a0f
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e50b49f6-827b-45af-890e-4feddbb08a0f
Last-Modified
Thu, 16 May 2024 07:37:28 GMT
Server
cloudflare
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rxkvm
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
8849b3e28c7a0e21-MXP
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://support.bayanonline.org
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:44:48 GMT
x-content-type-options
nosniff
age
172361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:44:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://support.bayanonline.org
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:11:11 GMT
x-content-type-options
nosniff
age
149178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:11:11 GMT
__ptq.gif
track.hubspot.com/
45 B
605 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2999608170&v=1.1&a=20234420&ct=standard-page&ccu=https%3A%2F%2Fsupport.bayanonline.org%2F404&lvc=en&pu=https%3A%2F%2Fsupport.bayanonline.org%2F&cts=1715845049199&rv=1&vi=aafe2921e74df4c24a12707d61999589&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 07:37:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d5a2a702-e98d-41a9-911a-719f0bf0409b
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d5a2a702-e98d-41a9-911a-719f0bf0409b
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPR%2FeH%2BHaEsnPuHA0Mn3HKDkoZFZhIVodbDyzyBe%2Fox5AHmMvTDxdkL%2BKR36A1zQM9B2YyVz1Qt676cw0kMOQJNHrOjuP%2Fd3d0EZ7W%2FQOL21tJ2lwlqnhmwuJyB2W%2B5xbq0c"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-d8gbc
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8849b3e5bc960dfe-MXP
x-robots-tag
none
Bayan-Symbol-Color-on-Clear_77-1.png
support.bayanonline.org/hubfs/
50 KB
51 KB
Other
General
Full URL
https://support.bayanonline.org/hubfs/Bayan-Symbol-Color-on-Clear_77-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
582b331502390f8e219fb45279822cd1fd1143786d38dabfdcd17f1b9c2edee1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://support.bayanonline.org/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-68818824588,P-20234420,FLS-ALL
x-amz-request-id
P34P04GHQGHHX4HZ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-68818824588,P-20234420,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
"fc602e3f5fd2f7155c77e5daad09fb63"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1647539052986
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 16 May 2024 07:37:29 GMT
strict-transport-security
max-age=31536000
via
1.1 eaaa1e97697a6ab196c5224bbc70d9c8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
BaZ7RtnSpQrGSaByYvuWqFvcC4RQlzc0
x-amz-cf-pop
MXP64-C2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-68818824588,P-20234420,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400
content-length
51319
x-amz-id-2
6Wo+CfjjYmoNRf1+czZj08Ys5LPJeB2KZP/syK/Zuo/y6e71wvpZaz0+hjHkX/MlQse31KF8mAc=
last-modified
Thu, 17 Mar 2022 17:44:14 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMYyqojTSzqdTZtqfZovhU99PzcN3%2BuL5dGptjwTmQxyCLz9eS7INllXRZurocWU7LZkC77T1SFExNSzqWsQUI6Z5AA9%2BxUzL3tUF1qTNaKYujW%2B9k0aCk7BN0rSAudCj%2FmvrS%2F5Xmcu"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8849b3e5bbc50e61-MXP
timing-allow-origin
d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id
lwJ3EUaomh1lEiv_T9vpIj7mYx6f5PeTWOu7GJzBrawpW66lk4uU_A==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _hsp function| gtag boolean| useGoogleConsentModeV2 function| hsLoadGtm object| dataLayer string| adroll_adv_id string| adroll_pix_id object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_25202732329 object| _hsq boolean| PIXELS_RAN object| enabledEventSettings object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| google-font-injected object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug boolean| __adroll_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime

6 Cookies

Domain/Path Name / Value
.support.bayanonline.org/ Name: __cf_bm
Value: YEpX8.z6Tx_gvRksU58d6SOrzXDRtqjnb_X5Beoa9nM-1715845046-1.0.1.1-ufzM_tQwBDWoKWBh4oBTC_6sLoaES6leBNK9OX9LLsz0ollhCeZjqUEuGzmT90YjJ8pBg0FjkSE9ed06uF10Ag
.support.bayanonline.org/ Name: __cfruid
Value: d876853ab30678c807728177f30e53178ca4b3fb-1715845046
.hubspot.com/ Name: __cf_bm
Value: AXrDT2lWu2OjhgxknSd7BepikDcLgBcqdxCC4E4AOPY-1715845048-1.0.1.1-kqL0bckvrQGv80RmipgSs6YCWGecBNrDU59GPU8oNTUBl.saJCLLOKq2i_pinJJeXvDlBMuMiOs7drqbT0OCpg
.hubspot.com/ Name: _cfuvid
Value: bR44l7bp1BJDDaNZxzGkp0RAYPiOhVTnnE0HXlkIJzA-1715845048309-0.0.1.1-604800000
.hsforms.com/ Name: __cf_bm
Value: hk7eOaiDQRDueNDEkgOxqLP6fGStuB5Up7pukqCLkRQ-1715845048-1.0.1.1-iSrGOkNOZjce8zNWRSQHzpFQnLxxmeAeemwTsWAgH3ByBSfC_2VbdHUQLNp.E_iz0.3mhx_LgezWpMV2bouh.Q
.hsforms.com/ Name: _cfuvid
Value: IEp6vZ_akjMPEDSeS8gWxBdTA2wkybO5q7IiZBkz.w0-1715845048879-0.0.1.1-604800000

9 Console Messages

Source Level URL
Text
network error URL: https://support.bayanonline.org/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://support.bayanonline.org/cdn-cgi/speculation-rules?url=support.bayanonline.org%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://support.bayanonline.org/
Message:
Load failed or canceled (net::ERR_ABORTED; HTTP status 404) for rule set requested from "https://support.bayanonline.org/cdn-cgi/speculation-rules?url=support.bayanonline.org%2F" found in Speculation-Rules header.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://support.bayanonline.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
cdn2.hubspot.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
perf-na1.hsforms.com
static.hsappstatic.net
support.bayanonline.org
track.hubspot.com
104.16.107.254
104.16.117.116
104.16.118.116
104.17.175.201
104.17.175.91
104.17.223.152
104.18.88.62
104.19.175.188
142.250.186.42
172.64.153.27
199.60.103.254
216.58.206.67
1a9c86fb2ed23c10fb9f7256229e085f179b8b638055309930939d79efea0b33
340829420cf9093052090442d19fbff8839d083faa34d9c4acacf6c5742aa4b1
36d6b3ab9eaa454416f840a5e837c83451a80083393f9da3a9355770004cf351
4af67338abcbd697a169889a34c250003171e6575d376c7644a4837ff28ce0d7
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
582b331502390f8e219fb45279822cd1fd1143786d38dabfdcd17f1b9c2edee1
63a5474dc83fa5ed7d12f81e8a70be383df07e0a63fb3b65dd663f52e1ea7338
68b4d81789a88733c384f39a7634d75942fde839725e62cb3637afecd123469b
6a000494c65be3edd8d9b463fbbb6eb79759712e9fb925c37bddb5da32195d13
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ae68d85154159b9126b88df1cd77a310a05e065b984ae125feee60aff16f6292
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b8fe315fb5906aca3a52200bb9aec6f1877c6dd1f467b5d44e2fc4f4c100a2ae
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cd52acc2e3ed50f3594b3a9cd1a7528317faf81abc1804970128299e6aba4055
cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590
d4d47de9a5721cf96ec3d04544d26a843f4740f688387e2ed5467aed7fb1ea14
d71fe37ecfc22727832f2ebedb2f036c3360a2350a7a53e90a2a508513ec05af
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece800b64104306a9cbd7d25e04cd00d059860f9911ffc7979f2c2453c98fa4d
ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc