protection.byguardio.com Open in urlscan Pro
34.102.209.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9...
Effective URL:
https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9...
Submission Tags: falconsandbox
Submission: On February 11 via api (February 11th 2023, 12:39:21 am UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 40 HTTP transactions. The main IP is 34.102.209.210, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is protection.byguardio.com. The Cisco Umbrella rank of the primary domain is 641532.
TLS certificate: Issued by GTS CA 1D4 on January 20th 2023. Valid for: 3 months.

This is the only time protection.byguardio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	34.102.209.210 34.102.209.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
8	34.98.65.253 34.98.65.253	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.102.139.130 34.102.139.130	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:1f18:24e... 2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	11

6 34.102.209.210 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.209.102.34.bc.googleusercontent.com

protection.byguardio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.65.253 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 253.65.98.34.bc.googleusercontent.com

cdn.byguardio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.139.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.139.102.34.bc.googleusercontent.com

guard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	byguardio.com 1 redirects protection.byguardio.com — Cisco Umbrella Rank: 641532 cdn.byguardio.com — Cisco Umbrella Rank: 764079	999 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	451 B
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 426 p.typekit.net — Cisco Umbrella Rank: 554	290 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	353 KB
2	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2471	571 B
2	guard.io guard.io — Cisco Umbrella Rank: 23982	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	youtube.com 1 redirects www.youtube.com — Cisco Umbrella Rank: 71	485 B
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 459	6 KB
40	9

	Domain	Requested by
9	www.facebook.com	protection.byguardio.com
8	cdn.byguardio.com	protection.byguardio.com
7	use.typekit.net	cdn.byguardio.com protection.byguardio.com
6	protection.byguardio.com	1 redirects protection.byguardio.com cdn.byguardio.com
4	connect.facebook.net	protection.byguardio.com connect.facebook.net
2	rum.browser-intake-datadoghq.com	cdn.byguardio.com
2	guard.io	cdn.byguardio.com
1	p.typekit.net	protection.byguardio.com
1	www.google.com	protection.byguardio.com
1	www.youtube.com	1 redirects
1	s.yimg.com	protection.byguardio.com
40	11

This site contains no links.

Subject Issuer	Validity	Valid
protection.byguardio.com GTS CA 1D4	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-03-08`	2 months	crt.sh
cdn.byguardio.com GTS CA 1D4	`2023-02-07` - `2023-05-08`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
guard.io GTS CA 1D4	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Frame ID: D9772CDB2D2AD266601BDDBB05FC734C
Requests: 44 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 37BE7CDBA87176E937F6ACE11C58CDCF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 00210A20E2EE5183DA7F7C4C540B5026
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5B84FCED484D86B9D8CA6ABE8F730225
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Experience a cleaner, safer web | GuardioGuardio

Page URL History Show full URLs

http://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11... HTTP 303
https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

40
Requests

98 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

1651 kB
Transfer

2556 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9 HTTP 303
https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.youtube.com/iframe_api HTTP 302
https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAxsgAAbwEQAAAAAAAABuGLTHm58GIjCyX4twrQUfFaMOh0Al4rltw6Jz79ecLTIpp8AolggaqfTGfX8y1UqUA1yu6VYMxw4yAXI

40 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
protection.byguardio.com/
Redirect Chain

http://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9

16 KB
17 KB

172ms
141ms

Document
text/html

34.102.209.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.209.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 210.209.102.34.bc.googleusercontent.com
Software: /
Resource Hash: d565a1f428b5a257aa9cfe334e232af8faba9cad37930d1be683d50e9fa96866

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 16628
content-type: text/html; charset=UTF-8
date: Sat, 11 Feb 2023 00:39:16 GMT
expires: 0
pragma: no-cache
server
via: 1.1 google

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Feb 2023 00:39:16 GMT
Expires: 0
Location: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Pragma: no-cache
Server
Via: 1.1 google

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DQ7/09VJyai8gykeV/5VBMO4ZkGFZmesmaLV8dlCGW5rmFaa3xLt8YZFHPwiiQhEzJJ21EuewMk5t3WOnLpAzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 135ms
32ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:22:10 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: CXYBF9BS9H6NKJQA
age: 1027
x-amz-server-side-encryption: AES256
x-amz-id-2: MjuHllr9E/wXgzIPI4iALq3BU2PA5LoFSpM2u2i4MEUH+9s9uC+NYAtNWEN9Mx2c2GzlnCFATVY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 webpack-runtime-b5446ff61670b32ccf85.js Show response
cdn.byguardio.com/static/silly-kabuto-83de85/ 4 KB
4 KB 62ms
16ms Script
text/javascript 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/webpack-runtime-b5446ff61670b32ccf85.js
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ad2baf39b7c0033efb47fc099ce44f4eea8a38b1257c96150521aff721fcf0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:15:36 GMT
age: 213820
x-guploader-uploadid: ADPycdshrddK6VQhqJFOPgsZEDVIcILGI2khWwEGuo-x-KWeixHNV8Yjv345xoTbWAN7qjRL1uB7G723AGxYjeWEX2USuR2z2Ztl
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3634
last-modified: Tue, 24 Jan 2023 08:58:42 GMT
server: UploadServer
etag: "e0c697594414a6d64bc9c852bf7f2dd5"
vary: Origin
x-goog-generation: 1674550722790031
x-goog-hash: crc32c=eiI8Ow==, md5=4MaXWUQUptZLychSv38t1Q==
content-type: text/javascript
cache-control: public, max-age=31104000
x-goog-stored-content-length: 3634
accept-ranges: bytes
expires: Sat, 03 Feb 2024 13:15:36 GMT

GET
H2 200 framework-d8828dfe553df4b67e27.js Show response
cdn.byguardio.com/static/silly-kabuto-83de85/ 146 KB
146 KB 87ms
40ms Script
text/javascript 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/framework-d8828dfe553df4b67e27.js
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 212decdf57382382a93c998f69804c31afe47c0a995d2a055d5e7cc89ffff9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:15:36 GMT
age: 213820
x-guploader-uploadid: ADPycds3lDHbRjeOIdC5p5gkyVFUjEit6un_VdFsVY3piYb_6sn_uklkt1wt9zpjlonJkssmCamxd5MlKzKfqUQj_SYO0qQz64pg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149043
last-modified: Tue, 24 Jan 2023 08:58:42 GMT
server: UploadServer
etag: "8130e2d8e82cb4a5f17c008e83d8cab1"
vary: Origin
x-goog-generation: 1674550722519841
x-goog-hash: crc32c=lfk/ug==, md5=gTDi2OgstKXxfACOg9jKsQ==
content-type: text/javascript
cache-control: public, max-age=31104000
x-goog-stored-content-length: 149043
accept-ranges: bytes
expires: Sat, 03 Feb 2024 13:15:36 GMT

GET
H2 200 app-51063100e3664a02a651.js Show response
cdn.byguardio.com/static/silly-kabuto-83de85/ 364 KB
364 KB 77ms
31ms Script
text/javascript 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c423db1eb63bd7004c95ec712b4035f3e3a7442a2c66f22e26f4c1dbb17a2a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 15:24:43 GMT
age: 206073
x-guploader-uploadid: ADPycdsyf2YIR6mTOPBhWsaUBGt5-26RcBpF_Mufge98bWPKWjzA-Y9TWsK1Xr_pljKcG60GhRXkzcwU48D2t07mNfXz7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 372622
last-modified: Tue, 24 Jan 2023 08:58:42 GMT
server: UploadServer
etag: "fdba4d77319395d1c6b4b901b0fd5138"
vary: Origin
x-goog-generation: 1674550722885708
x-goog-hash: crc32c=qlc36g==, md5=/bpNdzGTldHGtLkBsP1ROA==
content-type: text/javascript
cache-control: public, max-age=31104000
x-goog-stored-content-length: 372622
accept-ranges: bytes
expires: Sat, 03 Feb 2024 15:24:43 GMT

GET
H2 200 commons-022af7c8e3a0d9f807f1.js Show response
cdn.byguardio.com/static/silly-kabuto-83de85/ 70 KB
70 KB 92ms
46ms Script
text/javascript 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/commons-022af7c8e3a0d9f807f1.js
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9eb85be926731d5aa25dd6a630a214792ff4e04a7e2b77e6bc576fa74b49572d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:15:36 GMT
age: 213820
x-guploader-uploadid: ADPycdupIgITnZFzLFZyWhwEmfKBO_3b8NNtzkzcGIeoays51Kx86tK9JwVfXIkKHhcpbPXAJXmotJkg5Pt8Vl_phI8Tcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71565
last-modified: Tue, 24 Jan 2023 08:58:43 GMT
server: UploadServer
etag: "4a061da0711915c208d4078c68829753"
vary: Origin
x-goog-generation: 1674550723020730
x-goog-hash: crc32c=BXG0eg==, md5=SgYdoHEZFcII1AeMaIKXUw==
content-type: text/javascript
cache-control: public, max-age=31104000
x-goog-stored-content-length: 71565
accept-ranges: bytes
expires: Sat, 03 Feb 2024 13:15:36 GMT

GET
H2 200 component---src-templates-landing-page-tsx-3258bf357abeca79e216.js Show response
cdn.byguardio.com/static/silly-kabuto-83de85/ 393 KB
393 KB 66ms
20ms Script
text/javascript 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/component---src-templates-landing-page-tsx-3258bf357abeca79e216.js
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ea5d41cd2a58f4a69ac955148573ed0a2c655bf750fd531c4d6f543c0d250d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 14:43:35 GMT
age: 208541
x-guploader-uploadid: ADPycdtC4uyxiTBcAlJn00J-4CB7DRhJPCiFegbM_pcm5PFwGDVd2rcrpXtrrEjyLIjESGJzAG5qIrHCtMgGKoOtflfmmQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402424
last-modified: Tue, 24 Jan 2023 08:58:42 GMT
server: UploadServer
etag: "7c42c89784bfaaa22b40d61762291581"
vary: Origin
x-goog-generation: 1674550722670754
x-goog-hash: crc32c=YPASVA==, md5=fELIl4S/qqIrQNYXYikVgQ==
content-type: text/javascript
cache-control: public, max-age=31104000
x-goog-stored-content-length: 402424
accept-ranges: bytes
expires: Sat, 03 Feb 2024 14:43:35 GMT

GET
H2 200 page-data.json
cdn.byguardio.com/static/silly-kabuto-83de85/page-data/index/ 3 KB
3 KB 174ms
128ms Other
text/html 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/page-data/index/page-data.json
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dc7c6c8908bbe0c4927257cfe0dea4a248f18f3b312beb8b4af5414a867fd413

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:16 GMT
age: 0
x-guploader-uploadid: ADPycdssJOZJpTdyo3iKzV2OjxRb_ss5irHtpNNg7vPopdV9yzM_mK0G7yI8gGon_ECLpEhWTHceCadTbH_Ztx44s-h_Swysk4lf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2725
last-modified: Tue, 24 Jan 2023 08:58:43 GMT
server: UploadServer
etag: "0a5427f701430070f626e10da598eacd"
vary: Origin
x-goog-generation: 1674550723269176
x-goog-hash: crc32c=rnHzpA==, md5=ClQn9wFDAHD2JuENpZjqzQ==
access-control-allow-origin: https://protection.byguardio.com
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 2725
accept-ranges: bytes
content-type: text/html
expires: Sat, 11 Feb 2023 01:39:16 GMT

GET
H2 200 1614255152.json
cdn.byguardio.com/static/silly-kabuto-83de85/page-data/sq/d/ 116 B
350 B 179ms
133ms Other
text/html 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/page-data/sq/d/1614255152.json
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9eb84d167a28290507f1aa3dd080eec2e7b3392dc030219cc3879b8dbb3e509e

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:16 GMT
age: 0
x-guploader-uploadid: ADPycdvuzQJinDzuymCvFTSLzWkD4Y3XsSWaadM7jgreIgYYTKIPDTolJVtfGXBstxHz9URZ93LWu4OLP7aVu01vLydRTKb_sWsk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
last-modified: Tue, 24 Jan 2023 08:58:43 GMT
server: UploadServer
etag: "f52ef111b930490640f4b4482904af64"
vary: Origin
x-goog-generation: 1674550723345966
x-goog-hash: crc32c=iNqnVA==, md5=9S7xEbkwSQZA9LRIKQSvZA==
access-control-allow-origin: https://protection.byguardio.com
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 116
accept-ranges: bytes
content-type: text/html
expires: Sat, 11 Feb 2023 01:39:16 GMT

GET
H2 200 app-data.json
cdn.byguardio.com/static/silly-kabuto-83de85/page-data/ 50 B
668 B 169ms
124ms Other
text/html 34.98.65.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/page-data/app-data.json
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.65.253 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 253.65.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1619fb45a2eb80391b90ab0e0045caf2b0bdf12988f97733eafa3f07943783af

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:16 GMT
age: 0
x-guploader-uploadid: ADPycdvdMJvzvQt97X9UqIx8PoTFzI1sO9Ll8_MKp6fD2djINzZZtpT0CZ_mQjsqqIgbFZuP-mubz7J_bZy3MbS0PL90PQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
last-modified: Tue, 24 Jan 2023 08:58:43 GMT
server: UploadServer
etag: "fd0fa8265ae50a55221231291e90caed"
vary: Origin
x-goog-generation: 1674550723204216
x-goog-hash: crc32c=FaLG9g==, md5=/Q+oJlrlClUiEjEpHpDK7Q==
access-control-allow-origin: https://protection.byguardio.com
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 50
accept-ranges: bytes
content-type: text/html
expires: Sat, 11 Feb 2023 01:39:16 GMT

GET
H2 200 hload
protection.byguardio.com/ 42 B
114 B 124ms
123ms Image
image/gif 34.102.209.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protection.byguardio.com/hload
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.209.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 210.209.102.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:16 GMT
via: 1.1 google
server
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: 0

GET
H2 200 145413639486927 Show response
connect.facebook.net/signals/config/ 380 KB
109 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/145413639486927?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c7ff3b2b38673a252daa06d20721393ecdebedf7f554e90f49f7f4304e0f97a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sToyO358iPW7eXS5gXYjH8nplSxyMoK89+z5rJo05uIW0RTO66ITa79EdD94hOSN/dZd2d4d2pDmtSB1j852Mw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 800164860398368 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/800164860398368?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f2ae81ea854e84521729cb6951f3f793af51163aa595d617dba59f480543532

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Uc9aahRo9OL5VQlxY/FkafnLvp86TdCCKIYF0i4cVWL8VjvO759zDY0X1ciy0anNbfsK64hRmNLVnuAUlZps1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iyq7cgf.js Show response
use.typekit.net/ 18 KB
7 KB 278ms
140ms Script
text/javascript 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/iyq7cgf.js

Requested by

Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

23f1acc91b2624d9e843d97d6e8a171e151cbc3b781b68f19bfa83f100c6db21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 11 Feb 2023 00:39:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6788

GET
DATA 200
OK truncated
/ 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dd7f78199d6c9dcf37370519523ee9ff1cca6a32146b8e9cad704d2c46bd67d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 807 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eba4917f281c9933b61be5602c6a9e02a3f1b0ab6e18d492ca27c1717d7643e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20df950ca35d4f2cfd93930c3dfef3cb2be85fa099710808524cf7ddbc478a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc6a1d4c78bc08d21c501f2187febd981a13538cb6291e2a61d733554c98dfda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db02c6c3e7679e4613196c6103b8467cb2c84d48f8cb98f43a330127c8c2888e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 173 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eed7c299b33fbfaa9abb7e8af2503ae6a0ef517917f28fc2b78f15417cffe19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sync Show response
guard.io/v2/aff/ 0
845 B 222ms
122ms Fetch
application/javascript 34.102.139.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://guard.io/v2/aff/sync?sid=b19242b2-a992-11ed-bc68-92289f8569a9&uid=uid_cicfWtybaWAQVcnzszMMDnMLxSUVi5A4&utm_source=adx_grd_gen11_2_test&aff_params=eyJ1dG1fc291cmNlIjogImFkeF9ncmRfZ2VuMTFfMl90ZXN0IiwgInV0bV90ZXN0IjogImFmZnNjYW4iLCAicnBkc2tjbGlkIjogImIxOTI0MmIyLWE5OTItMTFlZC1iYzY4LTkyMjg5Zjg1NjlhOSIsICJtaWQiOiAiYjE5MjQyYjItYTk5Mi0xMWVkLWJjNjgtOTIyODlmODU2OWE5In0=
Requested by: Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.139.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.139.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:16 GMT
via: 1.1 google
server
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 csync Show response
protection.byguardio.com/ 2 B
19 B 123ms
122ms Fetch
application/json 34.102.209.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.byguardio.com/csync
Requested by: Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 210.209.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:16 GMT
via: 1.1 google
server
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c0fedbfb5e4ffd9f9a7df3d7cf3fe12569d4723ba688f39f7af7ed55d9c3770

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

429

index
www.google.com/sorry/
Redirect Chain

https://www.youtube.com/iframe_api
https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAxsgAAbwEQAAAAAAAABuGLTHm58GIjCyX4twrQUfFaMOh0Al4rltw6Jz79ecLTIpp8AolggaqfTGfX8y1UqUA1yu6VYMxw4yAXI

0
0

123ms
45ms

Script
text/html

2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAxsgAAbwEQAAAAAAAABuGLTHm58GIjCyX4twrQUfFaMOh0Al4rltw6Jz79ecLTIpp8AolggaqfTGfX8y1UqUA1yu6VYMxw4yAXI
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAxsgAAbwEQAAAAAAAABuGLTHm58GIjCyX4twrQUfFaMOh0Al4rltw6Jz79ecLTIpp8AolggaqfTGfX8y1UqUA1yu6VYMxw4yAXI
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-store, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 396644971396753 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/396644971396753?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ac094908511ea20380e668dc096e962560f3eff344dfbadd45ba93ad8b4c3a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xD+8tFGO+grjNMB6C9alCJR+b2SNIg5Fzbu61KReOrRKfP++Ew8Gg+9CyIznZklXzeawWJE6HrwBY/JdtN4nhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=145413639486927&ev=PageView&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956864&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22687525262879314%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22703581111424342%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22855292105731647%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221430860900782539%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%222118544385009336%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22648186367081877%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=800164860398368&ev=PageView&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956866&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=396644971396753&ev=PageView&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956866&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=145413639486927&ev=ViewContent&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956867&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
10ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=800164860398368&ev=ViewContent&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956867&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
11ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=396644971396753&ev=ViewContent&dl=https%3A%2F%2Fprotection.byguardio.com%2F%3Futm_source%3Dadx_grd_gen11_2_test%26utm_test%3Daffscan%26rpdskclid%3Db19242b2-a992-11ed-bc68-92289f8569a9%26mid%3Db19242b2-a992-11ed-bc68-92289f8569a9&rl=&if=false&ts=1676075956868&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676075956863.942190567&it=1676075956438&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 11 Feb 2023 00:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
286 B 532ms
222ms Fetch
application/json 2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.30.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aguardio-front-rum&dd-api-key=pub0c7d13ea127fab0d675a4a28a4e80eaa&dd-evp-origin-version=4.30.1&dd-evp-origin=browser&dd-request-id=c0a04bb5-8752-4de4-8cfe-f2793c5fb062&batch_time=1676075956898

Requested by

Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

cf9cf0d04e779aaab7c83b6215b7e947bd27cabd6821188c0cf005101f21b895

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://protection.byguardio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H2 200 l
use.typekit.net/af/b4b708/00000000000000003b9b46f5/27/ 47 KB
47 KB 72ms
18ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b4b708/00000000000000003b9b46f5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 63730ef77655ce420743eb607aa015e52e0a2884266e8e4613c58577c2e7408a

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "4f3e80403659d4605b51073e6e0b243ca6fbe719"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48168

GET
H2 200 l
use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/ 47 KB
48 KB 108ms
54ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "4589238bed773a5851c5884d8dd0501591bd1cb5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48496

GET
H2 200 l
use.typekit.net/af/f5f3eb/00000000000000003b9b46eb/27/ 47 KB
47 KB 71ms
17ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f5f3eb/00000000000000003b9b46eb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d76f3dbd3a38c0368b22939b1a274e1ce82a0fed2cbd75b1e9c43ba7eb74739c

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "c0597c4577b9f724759e93539ba87807de337cd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47656

GET
H2 200 l
use.typekit.net/af/227c77/00000000000000003b9b46ef/27/ 47 KB
47 KB 105ms
52ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/227c77/00000000000000003b9b46ef/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4957270c5656830e4a47087b3fd215cf3868f0b7079fb589251b9f952a0c6bac

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "4bbd1b56bd1769959a4c53d8946b8a7bcb97dce4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47928

GET
H2 200 l
use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/ 46 KB
47 KB 107ms
54ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "f9c1c4c847938c564b6f041956a850b045edf78a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47364

GET
H2 200 l
use.typekit.net/af/4526e4/00000000000000003b9b46f1/27/ 47 KB
48 KB 71ms
18ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4526e4/00000000000000003b9b46f1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d298f2d42f50301cf50ec78cfb20039be148951fbe22a994e4fbff8f5fb2ae5

Request headers

Referer: https://protection.byguardio.com/
Origin: https://protection.byguardio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
server: nginx
etag: "8ad4a251c361eeb581708637071c6c3564d271bf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48632

POST
H3 200 events Show response
protection.byguardio.com/api/ 0
15 B 131ms
131ms XHR
text/html 34.102.209.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.byguardio.com/api/events
Requested by: Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 210.209.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:17 GMT
via: 1.1 google
server
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 135ms
17ms Image
image/gif 2a02:26f0:11a::217:9a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=iyq7cgf&ht=tk&h=protection.byguardio.com&f=24537.24539.24543.24545.24547.24549&a=20415993&js=1.21.0&app=typekit&e=js&_=1676075957076
Requested by: Host: protection.byguardio.com
URL: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
last-modified: Sat, 09 Oct 2021 06:43:10 GMT
server: nginx
etag: "616139fe-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 attribution Show response
guard.io/v2/aff/ 0
383 B 125ms
124ms Fetch
text/html 34.102.139.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://guard.io/v2/aff/attribution?location=lead
Requested by: Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.139.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.139.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://protection.byguardio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:17 GMT
via: 1.1 google
server
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://protection.byguardio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
285 B 243ms
243ms Fetch
application/json 2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.30.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aguardio-front-rum&dd-api-key=pub0c7d13ea127fab0d675a4a28a4e80eaa&dd-evp-origin-version=4.30.1&dd-evp-origin=browser&dd-request-id=3bcf042d-94a0-4dc4-b6d2-7865f12d60fd&batch_time=1676075957212

Requested by

Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c55916830e0d4db60394eace4b8cdb901bc5268446871bce4d3bedd01e86b106

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://protection.byguardio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Feb 2023 00:39:17 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 37BE 0
78 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://protection.byguardio.com
Referer: https://protection.byguardio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://protection.byguardio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 00:39:17 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0021 0
18 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://protection.byguardio.com
Referer: https://protection.byguardio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://protection.byguardio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 00:39:17 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5B84 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://protection.byguardio.com
Referer: https://protection.byguardio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://protection.byguardio.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 00:39:17 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 events Show response
protection.byguardio.com/api/ 0
15 B 131ms
131ms XHR
text/html 34.102.209.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://protection.byguardio.com/api/events
Requested by: Host: cdn.byguardio.com
URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.209.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 210.209.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://protection.byguardio.com/?utm_source=adx_grd_gen11_2_test&utm_test=affscan&rpdskclid=b19242b2-a992-11ed-bc68-92289f8569a9&mid=b19242b2-a992-11ed-bc68-92289f8569a9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 00:39:17 GMT
via: 1.1 google
server
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.byguardio.com/	1970-01-20 19:10:35	Name: utm_source Value: adx_grd_gen11_2_test
.byguardio.com/	1970-01-20 19:10:35	Name: utm_source_cross Value: adx_grd_gen11_2_test
.byguardio.com/	1970-01-20 19:10:35	Name: uid Value: uid_cicfWtybaWAQVcnzszMMDnMLxSUVi5A4
.byguardio.com/	1970-01-20 19:10:35	Name: uid_cross Value: uid_cicfWtybaWAQVcnzszMMDnMLxSUVi5A4
.byguardio.com/	1970-01-20 19:10:35	Name: salt Value: salt_5zDVd26TU7GvYbaPRehj79hB7BSahXQ
.byguardio.com/	1970-01-20 19:10:35	Name: fid Value: fid_ZLdEkpoJbs8aWzWgk2HconZxRo6Cq7Vx
.byguardio.com/	1970-01-20 09:34:43	Name: mid Value: b19242b2-a992-11ed-bc68-92289f8569a9
.byguardio.com/	1970-01-20 11:44:11	Name: _fbp Value: fb.1.1676075956863.942190567
.guard.io/	1970-01-20 19:10:35	Name: utm_source_cross Value: adx_grd_gen11_2_test
.guard.io/	1970-01-20 09:34:43	Name: mid_cross Value: b19242b2-a992-11ed-bc68-92289f8569a9
.guard.io/	1970-01-20 19:10:35	Name: uid_cross Value: uid_cicfWtybaWAQVcnzszMMDnMLxSUVi5A4
.guard.io/	1970-01-20 19:10:35	Name: rpdskclid_cross Value: b19242b2-a992-11ed-bc68-92289f8569a9
protection.byguardio.com/	1970-01-20 09:34:36	Name: _dd_s Value: rum=2&id=811708bf-e97f-492a-9841-405389e41191&created=1676075956630&expire=1676076856639&logs=1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://cdn.byguardio.com/static/silly-kabuto-83de85/app-51063100e3664a02a651.js(Line 1) Message: Fetch API cannot load chrome-extension://gjfpmkejnolcfklaaddjnckanhhgegla/assets/installed.json. URL scheme "chrome-extension" is not supported.
network	error	URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAxsgAAbwEQAAAAAAAABuGLTHm58GIjCyX4twrQUfFaMOh0Al4rltw6Jz79ecLTIpp8AolggaqfTGfX8y1UqUA1yu6VYMxw4yAXI Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.byguardio.com
connect.facebook.net
guard.io
p.typekit.net
protection.byguardio.com
rum.browser-intake-datadoghq.com
s.yimg.com
use.typekit.net
www.facebook.com
www.google.com
www.youtube.com
2600:1f18:24e6:b901:5ce2:fb29:33d9:37f1
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::200e
2a00:1450:4001:830::2004
2a02:26f0:11a::217:9a48
2a02:26f0:11a::217:9a4b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.102.139.130
34.102.209.210
34.98.65.253
0ea5d41cd2a58f4a69ac955148573ed0a2c655bf750fd531c4d6f543c0d250d0
1619fb45a2eb80391b90ab0e0045caf2b0bdf12988f97733eafa3f07943783af
20df950ca35d4f2cfd93930c3dfef3cb2be85fa099710808524cf7ddbc478a8d
212decdf57382382a93c998f69804c31afe47c0a995d2a055d5e7cc89ffff9e4
23f1acc91b2624d9e843d97d6e8a171e151cbc3b781b68f19bfa83f100c6db21
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
3ad2baf39b7c0033efb47fc099ce44f4eea8a38b1257c96150521aff721fcf0e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4957270c5656830e4a47087b3fd215cf3868f0b7079fb589251b9f952a0c6bac
4d298f2d42f50301cf50ec78cfb20039be148951fbe22a994e4fbff8f5fb2ae5
547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a
5ac094908511ea20380e668dc096e962560f3eff344dfbadd45ba93ad8b4c3a2
63730ef77655ce420743eb607aa015e52e0a2884266e8e4613c58577c2e7408a
7c0fedbfb5e4ffd9f9a7df3d7cf3fe12569d4723ba688f39f7af7ed55d9c3770
7c7ff3b2b38673a252daa06d20721393ecdebedf7f554e90f49f7f4304e0f97a
7dd7f78199d6c9dcf37370519523ee9ff1cca6a32146b8e9cad704d2c46bd67d
7f2ae81ea854e84521729cb6951f3f793af51163aa595d617dba59f480543532
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9eb84d167a28290507f1aa3dd080eec2e7b3392dc030219cc3879b8dbb3e509e
9eb85be926731d5aa25dd6a630a214792ff4e04a7e2b77e6bc576fa74b49572d
9eba4917f281c9933b61be5602c6a9e02a3f1b0ab6e18d492ca27c1717d7643e
9eed7c299b33fbfaa9abb7e8af2503ae6a0ef517917f28fc2b78f15417cffe19
b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a
bc6a1d4c78bc08d21c501f2187febd981a13538cb6291e2a61d733554c98dfda
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c423db1eb63bd7004c95ec712b4035f3e3a7442a2c66f22e26f4c1dbb17a2a2a
c55916830e0d4db60394eace4b8cdb901bc5268446871bce4d3bedd01e86b106
cf9cf0d04e779aaab7c83b6215b7e947bd27cabd6821188c0cf005101f21b895
d565a1f428b5a257aa9cfe334e232af8faba9cad37930d1be683d50e9fa96866
d76f3dbd3a38c0368b22939b1a274e1ce82a0fed2cbd75b1e9c43ba7eb74739c
db02c6c3e7679e4613196c6103b8467cb2c84d48f8cb98f43a330127c8c2888e
dc7c6c8908bbe0c4927257cfe0dea4a248f18f3b312beb8b4af5414a867fd413
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

protection.byguardio.com Open in urlscan Pro 34.102.209.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

73 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

1651 kBTransfer

2556 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

protection.byguardio.com Open in urlscan Pro
34.102.209.210 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

1651 kB
Transfer

2556 kB
Size

13
Cookies

40 HTTP transactions
7 data transactions