Submitted URL: http://my.guideline.com/
Effective URL: https://my.guideline.com/
Submission: On December 05 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b45, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.guideline.com. The Cisco Umbrella rank of the primary domain is 499345.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 29th 2023. Valid for: a year.
This is the only time my.guideline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:310... 13335 (CLOUDFLAR...)
3 13.227.222.191 16509 (AMAZON-02)
1 65.9.95.22 16509 (AMAZON-02)
3 35.81.90.104 16509 (AMAZON-02)
17 5
Apex Domain
Subdomains
Transfer
10 guideline.com
my.guideline.com — Cisco Umbrella Rank: 499345
4 MB
3 segment.io
api.segment.io — Cisco Umbrella Rank: 1340
523 B
3 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1681
25 KB
1 madkudu.com
cdn.madkudu.com — Cisco Umbrella Rank: 44137
26 KB
17 4
Domain Requested by
10 my.guideline.com my.guideline.com
3 api.segment.io my.guideline.com
3 cdn.segment.com my.guideline.com
1 cdn.madkudu.com cdn.segment.com
17 4

This site contains links to these domains. Also see Links.

Domain
www.guideline.com
Subject Issuer Validity Valid
*.guideline.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-29 -
2024-10-01
a year crt.sh
*.segment.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-13
a year crt.sh
*.madkudu.com
Amazon RSA 2048 M01
2023-09-18 -
2024-10-15
a year crt.sh
*.segment.io
Amazon RSA 2048 M01
2023-02-10 -
2024-02-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://my.guideline.com/
Frame ID: 1CD5BD3D0E885EB41D0450ADCFB4F102
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Guideline

Page URL History Show full URLs

  1. http://my.guideline.com/ HTTP 307
    https://my.guideline.com/ Page URL

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

3894 kB
Transfer

12773 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.guideline.com/ HTTP 307
    https://my.guideline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
my.guideline.com/
Redirect Chain
  • http://my.guideline.com/
  • https://my.guideline.com/
1 KB
3 KB
Document
General
Full URL
https://my.guideline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82cf7641033a5ff316036b4cdbbbb56ff92b7e7b1e8ba70a13adecf4278127f
Security Headers
Name Value
Content-Security-Policy child-src 'self' app.pendo.io *.youtube.com; default-src * 'unsafe-inline'; font-src 'self' fonts.gstatic.com data:; frame-src 'self' app.pendo.io *.plaid.com js.stripe.com *.youtube.com https://*.doubleclick.net https://a20898485993.cdn.optimizely.com https://a20898485993.cdn-pci.optimizely.com https://*.flatfile.com https://www.facebook.com/ https://tpc.googlesyndication.com; img-src 'self' *.guideline.com cdn.cookielaw.org res.cloudinary.com/guideline-assets/ data.pendo.io cdn.pendo.io app.pendo.io pendo-static-6259783729020928.storage.googleapis.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://www.facebook.com ads-twitter.com *.bing.com *.microsoft.com https://*.adsymptotic.com https://t.co https://*.linkedin.com https://cdn.optimizely.com https://analytics.twitter.com https://trkn.us https://www.gravatar.com https://*.flatfile.com https://*.googleadservices.com data:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com 'unsafe-eval' 'nonce-f7d53a143ae052aa45bb45ae737d8dd5' 'strict-dynamic'; worker-src 'self' *.youtube.com; base-uri 'self'; frame-ancestors 'self' app.pendo.io https://*.squareup.com https://squareup.com https://*.squareupstaging.com https://squareupstaging.com https://*.checkhq.com https://*.eddy.com https://*.joinwarp.com https://*.monograph.com; report-uri https://sentry.guideline.tools/api/20/security/?sentry_key=56eb414770a74919be3dda898db2a192;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, must-revalidate, max-age=0, s-max-age=0
cf-cache-status
DYNAMIC
cf-ray
830de059bdca3813-FRA
content-encoding
gzip
content-security-policy
child-src 'self' app.pendo.io *.youtube.com; default-src * 'unsafe-inline'; font-src 'self' fonts.gstatic.com data:; frame-src 'self' app.pendo.io *.plaid.com js.stripe.com *.youtube.com https://*.doubleclick.net https://a20898485993.cdn.optimizely.com https://a20898485993.cdn-pci.optimizely.com https://*.flatfile.com https://www.facebook.com/ https://tpc.googlesyndication.com; img-src 'self' *.guideline.com cdn.cookielaw.org res.cloudinary.com/guideline-assets/ data.pendo.io cdn.pendo.io app.pendo.io pendo-static-6259783729020928.storage.googleapis.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://www.facebook.com ads-twitter.com *.bing.com *.microsoft.com https://*.adsymptotic.com https://t.co https://*.linkedin.com https://cdn.optimizely.com https://analytics.twitter.com https://trkn.us https://www.gravatar.com https://*.flatfile.com https://*.googleadservices.com data:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com 'unsafe-eval' 'nonce-f7d53a143ae052aa45bb45ae737d8dd5' 'strict-dynamic'; worker-src 'self' *.youtube.com; base-uri 'self'; frame-ancestors 'self' app.pendo.io https://*.squareup.com https://squareup.com https://*.squareupstaging.com https://squareupstaging.com https://*.checkhq.com https://*.eddy.com https://*.joinwarp.com https://*.monograph.com; report-uri https://sentry.guideline.tools/api/20/security/?sentry_key=56eb414770a74919be3dda898db2a192;
content-security-policy-report-only
child-src 'self' app.pendo.io *.youtube.com; default-src * 'unsafe-inline'; font-src 'self' fonts.gstatic.com data:; frame-src 'self' app.pendo.io *.plaid.com js.stripe.com *.youtube.com https://*.doubleclick.net https://a20898485993.cdn.optimizely.com https://a20898485993.cdn-pci.optimizely.com https://*.flatfile.com https://www.facebook.com/ https://tpc.googlesyndication.com; img-src 'self' *.guideline.com cdn.cookielaw.org res.cloudinary.com/guideline-assets/ data.pendo.io cdn.pendo.io app.pendo.io pendo-static-6259783729020928.storage.googleapis.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://www.facebook.com ads-twitter.com *.bing.com *.microsoft.com https://*.adsymptotic.com https://t.co https://*.linkedin.com https://cdn.optimizely.com https://analytics.twitter.com https://trkn.us https://www.gravatar.com https://*.flatfile.com https://*.googleadservices.com data:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com 'unsafe-eval' 'nonce-f7d53a143ae052aa45bb45ae737d8dd5' 'strict-dynamic'; worker-src 'self' *.youtube.com; base-uri 'self'; frame-ancestors 'self' app.pendo.io https://*.squareup.com https://squareup.com https://*.squareupstaging.com https://squareupstaging.com https://*.checkhq.com https://*.eddy.com https://*.joinwarp.com https://*.monograph.com; report-uri https://sentry.guideline.tools/api/20/security/?sentry_key=56eb414770a74919be3dda898db2a192;
content-type
text/html
date
Tue, 05 Dec 2023 17:05:52 GMT
expires
Wed 01 Jan 2000 12:00:00 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://my.guideline.com/
Non-Authoritative-Reason
HSTS
session~runtime-d2c42eeab2.js
my.guideline.com/assets/
3 KB
1 KB
Script
General
Full URL
https://my.guideline.com/assets/session~runtime-d2c42eeab2.js
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f3a1a1c9620c44e9ea425d6a48d7d4106711d33ac817559149ec2bd0e86c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 19:19:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de05cba053813-FRA
alt-svc
h3=":443"; ma=86400
content-length
1436
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor-54d2b6a040.js
my.guideline.com/assets/
10 MB
3 MB
Script
General
Full URL
https://my.guideline.com/assets/vendor-54d2b6a040.js
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78e68b6faa1f089458176c5cd185f64c7164d417bcaf6dfdbc01ae8c02dbb9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 19:19:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de05cba063813-FRA
alt-svc
h3=":443"; ma=86400
content-length
3195351
expires
Thu, 31 Dec 2037 23:55:55 GMT
session-7d536a5844.js
my.guideline.com/assets/
1 MB
414 KB
Script
General
Full URL
https://my.guideline.com/assets/session-7d536a5844.js
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c796f7c8cce0f422c5ca3f4847594afb876f00c9b26648f58ab5edb76e8a4af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 19:19:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de05cca213813-FRA
alt-svc
h3=":443"; ma=86400
content-length
423714
expires
Thu, 31 Dec 2037 23:55:55 GMT
session-7d536a5844.css
my.guideline.com/assets/
354 KB
51 KB
Stylesheet
General
Full URL
https://my.guideline.com/assets/session-7d536a5844.css
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19dc11d0f590d361268f2baa6030113f4b27a850828e91b884d4271157393a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Dec 2023 19:19:52 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de05cba033813-FRA
alt-svc
h3=":443"; ma=86400
content-length
51788
expires
Thu, 31 Dec 2037 23:55:55 GMT
public_features.json
my.guideline.com/api/v1/cors/
3 KB
2 KB
XHR
General
Full URL
https://my.guideline.com/api/v1/cors/public_features.json
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8242f2b9c5c9e809bfbd194f84f319af924a4d74256b1515e9a2d99eaed1b1d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-JS-UTC-OFFSET
60
Referer
https://my.guideline.com/
X-GL-CLIENT
web
X-GL-UUID
gdl-ca-3DDBE98545
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-gl-request-id
WEB-c4e38b2d
x-gl-uuid
gdl-ca-3DDBE98545
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
22521397-cece-40de-bdca-761c697953f6
pragma
no-cache
x-runtime
0.008513
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 17:05:54 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.guideline.com
access-control-allow-methods
POST, OPTIONS
cache-control
no-store
access-control-max-age
1728000
x-gl-version
cc0b859a9742b8fa0c6e16e10cd5dddf4d9368e8
x-robots-tag
none
access-control-allow-headers
Accept, Content-Type, X-JS-UTC-OFFSET, Authorization
cf-ray
830de0671b4165de-FRA
expires
0
settings
cdn.segment.com/v1/projects/Hpe1TigDh4p59lN1T8PBsma5stJIjrd1/
1 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/Hpe1TigDh4p59lN1T8PBsma5stJIjrd1/settings
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-191.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29c2dec5b64c761502b2e6366d4dc8c37ea3c904f6d093c1b7a78d3330f43086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
pAvn03UoBifA6R6Iw9JWsUrbE2TGFaCE
content-encoding
gzip
via
1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
date
Tue, 05 Dec 2023 14:33:48 GMT
x-amz-cf-pop
AMS54-C1
age
9413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 31 Jul 2023 15:09:51 GMT
server
AmazonS3
etag
W/"82bac9c5efd3dc17042d12f459dd9164"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
N4-E-aYc7ONCGIFyTLvYbwsb-zKiYeHCUHTbMBxayTtElOIewKtCAw==
truncated
/
132 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d9fe7b1c777c841617895382f69c4bd5576ea98b692e6209bafe5a8f2369d15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
normal-b5c3b1b97e.woff2
my.guideline.com/assets/fonts/
81 KB
81 KB
Font
General
Full URL
https://my.guideline.com/assets/fonts/normal-b5c3b1b97e.woff2
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/session-7d536a5844.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88f5b8c113366b9cc272287e0c4d90cdc44ee51a572cc2fd63a704c1817d735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.guideline.com/assets/session-7d536a5844.css
Origin
https://my.guideline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 19:20:16 GMT
server
cloudflare
age
11768
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de0675bb565de-FRA
alt-svc
h3=":443"; ma=86400
content-length
83008
expires
Thu, 31 Dec 2037 23:55:55 GMT
demibold-dfe7c28043.woff2
my.guideline.com/assets/fonts/
81 KB
82 KB
Font
General
Full URL
https://my.guideline.com/assets/fonts/demibold-dfe7c28043.woff2
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/session-7d536a5844.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2beb731cd230656ac1099eca5dd6a1ca15f3bf0cc2a04a265ec2273a14ea7d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.guideline.com/assets/session-7d536a5844.css
Origin
https://my.guideline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 19:20:00 GMT
server
cloudflare
age
11768
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de0675bb965de-FRA
alt-svc
h3=":443"; ma=86400
content-length
83280
expires
Thu, 31 Dec 2037 23:55:55 GMT
bold-3f540bc6ff.woff2
my.guideline.com/assets/fonts/
82 KB
82 KB
Font
General
Full URL
https://my.guideline.com/assets/fonts/bold-3f540bc6ff.woff2
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/session-7d536a5844.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29021ac5f7999f434b9be7ca594063035ab51c8c2fe97f560713a2524e1005d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.guideline.com/assets/session-7d536a5844.css
Origin
https://my.guideline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 19:20:00 GMT
server
cloudflare
age
11768
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de0675bbd65de-FRA
alt-svc
h3=":443"; ma=86400
content-length
84004
expires
Thu, 31 Dec 2037 23:55:55 GMT
guideline--default-6e6279155f.svg
my.guideline.com/assets/images/
5 KB
2 KB
Image
General
Full URL
https://my.guideline.com/assets/images/guideline--default-6e6279155f.svg
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d966a3eb7489a2bb2e3883dca239e956a157eb6b23a5069beebac1b5d278a886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:05:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 19:20:00 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11768
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
830de0675bc365de-FRA
alt-svc
h3=":443"; ma=86400
content-length
1977
expires
Thu, 31 Dec 2037 23:55:55 GMT
madkudu.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/madkudu/2.0.2/
3 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/madkudu/2.0.2/madkudu.dynamic.js.gz
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-191.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab0c82914b3410c4e5d8208f9ff7e863a28c4b3711d9f0d3fd95927161d88494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 07:59:33 GMT
content-encoding
gzip
via
1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-version-id
vQNwmInkJlJ36SvTdNO9MtlFv.st2vV2
x-amz-cf-pop
AMS54-C1
age
4698381
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1356
last-modified
Tue, 10 Oct 2023 12:17:23 GMT
server
AmazonS3
etag
"89856c7202bdfddad23de33ed37d9c46"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
SEIXO4sFqE1514GWydri5sH4NmjHAUKDFLJldkKmYE937QIr_H3tTA==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
73 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-191.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:51:18 GMT
content-encoding
gzip
via
1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-version-id
uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
x-amz-cf-pop
AMS54-C1
age
2128476
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 18 Oct 2023 10:36:32 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
HTt5uXrrndxuysGMO78HXJF4CD1IaqOqO165x8IZLrvd7tT-3txr3Q==
madkudu.min.js
cdn.madkudu.com/madkudu.js/v1/7144066c99c3dacbb5269920681814e3/
82 KB
26 KB
Script
General
Full URL
https://cdn.madkudu.com/madkudu.js/v1/7144066c99c3dacbb5269920681814e3/madkudu.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d4fe3d20bcfd39ad5169e56f39eaf39612747e305d7fa2c09758bf1a2dd7348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.guideline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:07:40 GMT
content-encoding
gzip
via
1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 13:21:29 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
3495
etag
W/"13fc4f1c1f9d6b6e1657f9a04f643000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ot03ny9YR2T3G5CmFpQdMwSYbWLd8tZbzb6nA-cW1Rfes9e-uETmaw==
p
api.segment.io/v1/
21 B
174 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://my.guideline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.guideline.com
date
Tue, 05 Dec 2023 17:05:54 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
174 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://my.guideline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.guideline.com
date
Tue, 05 Dec 2023 17:05:54 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/
21 B
175 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: my.guideline.com
URL: https://my.guideline.com/assets/vendor-54d2b6a040.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://my.guideline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://my.guideline.com
date
Tue, 05 Dec 2023 17:05:54 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunk_guideline_app_app object| SENTRY_RELEASE object| SENTRY_RELEASES object| service object| ajaxOngoingRequests object| ajaxFailedRequests function| applyFocusVisiblePolyfill object| regeneratorRuntime function| IMask object| __SEGMENT_INSPECTOR__ string| GL_PRODUCT_KEY object| __SENTRY__ object| gtmDataLayer object| optimizely object| madkuduDeps function| madkuduLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| madkuduIntegration object| madkudu

5 Cookies

Domain/Path Name / Value
.guideline.com/ Name: gl-uuid
Value: gdl-ca-3DDBE98545
.guideline.com/ Name: gdl-analytics-session
Value: 1701797753786
.guideline.com/ Name: ajs_anonymous_id
Value: gdl-ca-3DDBE98545
.guideline.com/ Name: mkjs_user_id
Value: null
.guideline.com/ Name: mkjs_group_id
Value: null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src 'self' app.pendo.io *.youtube.com; default-src * 'unsafe-inline'; font-src 'self' fonts.gstatic.com data:; frame-src 'self' app.pendo.io *.plaid.com js.stripe.com *.youtube.com https://*.doubleclick.net https://a20898485993.cdn.optimizely.com https://a20898485993.cdn-pci.optimizely.com https://*.flatfile.com https://www.facebook.com/ https://tpc.googlesyndication.com; img-src 'self' *.guideline.com cdn.cookielaw.org res.cloudinary.com/guideline-assets/ data.pendo.io cdn.pendo.io app.pendo.io pendo-static-6259783729020928.storage.googleapis.com www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://www.facebook.com ads-twitter.com *.bing.com *.microsoft.com https://*.adsymptotic.com https://t.co https://*.linkedin.com https://cdn.optimizely.com https://analytics.twitter.com https://trkn.us https://www.gravatar.com https://*.flatfile.com https://*.googleadservices.com data:; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' https://*.optimizely.com https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com 'unsafe-eval' 'nonce-f7d53a143ae052aa45bb45ae737d8dd5' 'strict-dynamic'; worker-src 'self' *.youtube.com; base-uri 'self'; frame-ancestors 'self' app.pendo.io https://*.squareup.com https://squareup.com https://*.squareupstaging.com https://squareupstaging.com https://*.checkhq.com https://*.eddy.com https://*.joinwarp.com https://*.monograph.com; report-uri https://sentry.guideline.tools/api/20/security/?sentry_key=56eb414770a74919be3dda898db2a192;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block