startbot.botlibra.site Open in urlscan Pro
172.245.112.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://startbot.botlibra.site/
Effective URL:
https://startbot.botlibra.site/
Submission: On March 27 via api (March 27th 2024, 5:31:54 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 172.245.112.197, located in Buffalo, United States and belongs to AS-COLOCROSSING, CA. The main domain is startbot.botlibra.site.
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.

This is the only time startbot.botlibra.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	172.245.112.197 172.245.112.197	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	5

12 172.245.112.197 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, CA)
PTR: 172-245-112-197-host.colocrossing.com

startbot.botlibra.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	botlibra.site startbot.botlibra.site	200 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	70 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	1 KB
17	5

	Domain	Requested by
12	startbot.botlibra.site	startbot.botlibra.site
2	connect.facebook.net	startbot.botlibra.site connect.facebook.net
1	www.facebook.com	startbot.botlibra.site
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	startbot.botlibra.site
17	5

This site contains no links.

Subject Issuer	Validity	Valid
startbot.botlibra.site R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://startbot.botlibra.site/
Frame ID: D7F2263301C6E305C367467FD74CADF2
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the Libra project!

Page URL History Show full URLs

http://startbot.botlibra.site/ HTTP 307
https://startbot.botlibra.site/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

317 kB
Transfer

563 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://startbot.botlibra.site/ HTTP 307
https://startbot.botlibra.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
startbot.botlibra.site/
Redirect Chain

http://startbot.botlibra.site/
https://startbot.botlibra.site/

17 KB
6 KB

914ms
481ms

Document
text/html

172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 1343052adae7960373c29041ac2f9b0339679cffd1f61dc67bb141b11b1ff098

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 05:31:46 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding Accept-Encoding

Redirect headers

Location: https://startbot.botlibra.site/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 130ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap

Requested by

Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa503ed4b75f03eebbb4626b542f503e7b9246f1addb0dedd48e53735cb6a4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 05:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 05:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 05:31:46 GMT

GET
H2 200 style.css
startbot.botlibra.site/prel_libra_L105_CAN/css/ 7 KB
2 KB 369ms
311ms Stylesheet
text/css 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/css/style.css
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 09a80d505d9b4ab6ccf60a8f8e96078f85ff77e034f188912ded42eca4766c63

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:46 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 05:31:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Ozfjagu5R4aYhEQ3fA0JjLFuIQv4WCysWbqnox0FbTIk6RO9uPnVwk/DZwRGibXYiemTP3p+T6GngmN9anCGvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1.jpg
startbot.botlibra.site/prel_libra_L105_CAN/img/ 83 KB
83 KB 346ms
333ms Image
image/jpeg 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/1.jpg
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/prel_libra_L105_CAN/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: f79f245f090bc3db7bc669293473c0653b77db51a538f6e60444b20e57fd8bf8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/prel_libra_L105_CAN/css/style.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 59ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://startbot.botlibra.site
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:44:24 GMT
x-content-type-options: nosniff
age: 78443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:44:24 GMT

GET
H2 200 3.jpg
startbot.botlibra.site/prel_libra_L105_CAN/img/ 46 KB
46 KB 402ms
397ms Image
image/jpeg 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/3.jpg
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 17a77aafff6ab2da793055a249d1b86e8db96502a52e187412ee5b24b9870fe8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 2.jpg
startbot.botlibra.site/prel_libra_L105_CAN/img/ 39 KB
39 KB 505ms
500ms Image
image/jpeg 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/2.jpg
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 31b2d12569278d0adc13dc3904c412f50a0ec0bb9aab82f044f2b203dfba8588

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 icon-1.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 3 KB
3 KB 401ms
397ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-1.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 43a0fff2a17d01f35a29c020cec30de7c3b6c08873f4cde7174a4a91ca3b26e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 icon-2.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 3 KB
3 KB 503ms
500ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-2.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 15149a360d5cdbd9f21d765ea1dae186f62083b7e75e08752753bdf034ebb7f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 icon-5.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 3 KB
3 KB 503ms
500ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-5.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 0ff88ba678e78122c7c803d8f2cf30fd60af24fb724de40232e91eff8ddc4354

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 icon-3.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 8 KB
8 KB 400ms
398ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-3.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 1271f16d22d3263b63831e9340d0fbe6d2174442dd1762b851b7448e7de5a993

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 icon-4.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 912 B
992 B 501ms
499ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-4.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 2630be30659d89ebb38d973056b352f979ebc5d508107861cfccc5cf01beae12

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 icon-6.webp
startbot.botlibra.site/prel_libra_L105_CAN/img/ 4 KB
4 KB 500ms
498ms Image
image/webp 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startbot.botlibra.site/prel_libra_L105_CAN/img/icon-6.webp
Requested by: Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 66cfafe3e6d553f1400bc7dc76ba394a1b22df0734b6d3e574250f3c0fa4ebba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:47 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 1312232366835549 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 80ms
75ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1312232366835549?v=2.9.151&r=stable&domain=startbot.botlibra.site&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b3118baf180f4e6cfb7e2690fc7919646f890d7c872acd95ab24db9ade6245c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Mar 2024 05:31:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=59, mss=1294, tbw=63195, tp=-1, tpl=-1, uplat=67, ullat=0
pragma: public
x-fb-debug: 2rpx91B4y9k152ghW3lXR7Yaq6FXHL5xtuP1R2pBwBLg57R9FeAeyKPepeZE/bB2m2uDAdTAM/U7URDcLoqlfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 33ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1312232366835549&ev=PageView&dl=https%3A%2F%2Fstartbot.botlibra.site%2F&rl=&if=false&ts=1711517507172&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711517507170.1523542036&ler=empty&cdl=API_unavailable&it=1711517507071&coo=false&rqm=GET

Requested by

Host: startbot.botlibra.site
URL: https://startbot.botlibra.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 27 Mar 2024 05:31:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 favicon.ico
startbot.botlibra.site/ 21 KB
1 KB 439ms
438ms Other
image/x-icon 172.245.112.197
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://startbot.botlibra.site/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.245.112.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS: 172-245-112-197-host.colocrossing.com
Software: openresty /
Resource Hash: 450939a1c00447ed541cf22ea5d193c9e65f89eb0275f59e12d89bcb4ec0516a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://startbot.botlibra.site/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:48 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| fbq function| _fbq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.botlibra.site/	1970-01-20 21:34:53	Name: _fbp Value: fb.1.1711517507170.1523542036

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1312232366835549?v=2.9.151&r=stable&domain=startbot.botlibra.site&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
startbot.botlibra.site
www.facebook.com
172.245.112.197
2a00:1450:4001:806::200a
2a00:1450:4001:830::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
09a80d505d9b4ab6ccf60a8f8e96078f85ff77e034f188912ded42eca4766c63
0ff88ba678e78122c7c803d8f2cf30fd60af24fb724de40232e91eff8ddc4354
1271f16d22d3263b63831e9340d0fbe6d2174442dd1762b851b7448e7de5a993
1343052adae7960373c29041ac2f9b0339679cffd1f61dc67bb141b11b1ff098
15149a360d5cdbd9f21d765ea1dae186f62083b7e75e08752753bdf034ebb7f2
17a77aafff6ab2da793055a249d1b86e8db96502a52e187412ee5b24b9870fe8
2630be30659d89ebb38d973056b352f979ebc5d508107861cfccc5cf01beae12
2b3118baf180f4e6cfb7e2690fc7919646f890d7c872acd95ab24db9ade6245c
31b2d12569278d0adc13dc3904c412f50a0ec0bb9aab82f044f2b203dfba8588
43a0fff2a17d01f35a29c020cec30de7c3b6c08873f4cde7174a4a91ca3b26e8
450939a1c00447ed541cf22ea5d193c9e65f89eb0275f59e12d89bcb4ec0516a
66cfafe3e6d553f1400bc7dc76ba394a1b22df0734b6d3e574250f3c0fa4ebba
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
aa503ed4b75f03eebbb4626b542f503e7b9246f1addb0dedd48e53735cb6a4c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f79f245f090bc3db7bc669293473c0653b77db51a538f6e60444b20e57fd8bf8

startbot.botlibra.site Open in urlscan Pro 172.245.112.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

317 kBTransfer

563 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

startbot.botlibra.site Open in urlscan Pro
172.245.112.197 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

317 kB
Transfer

563 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions