bybio.co Open in urlscan Pro
2606:4700:20::681a:781 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bybio.co/xagqd39zxg
Submission: On June 16 via manual (June 16th 2023, 1:41:51 am UTC) from MX — Scanned from DE

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 58 HTTP transactions. The main IP is 2606:4700:20::681a:781, located in United States and belongs to CLOUDFLARENET, US. The main domain is bybio.co.
TLS certificate: Issued by E1 on May 29th 2023. Valid for: 3 months.

This is the only time bybio.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:20:... 2606:4700:20::681a:781	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
6	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700::68... 2606:4700::6812:6528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:311... 2606:4700:3110::6812:336a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:311... 2606:4700:311f::6812:3f7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:9c00:7:49a5:5fd2:8621	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:4200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	23

14 2606:4700:20::681a:781 (United States)

ASN13335 (CLOUDFLARENET, US)

bybio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.248.10 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:6528 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:336a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.xlviiirdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:311f::6812:3f7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

maxlink.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:9c00:7:49a5:5fd2:8621 (United States)

ASN16509 (AMAZON-02, US)

www.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	bybio.co bybio.co	554 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 716	118 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1007 c.clarity.ms — Cisco Umbrella Rank: 1573 o.clarity.ms — Cisco Umbrella Rank: 8800	27 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	973 B
4	google.de www.google.de — Cisco Umbrella Rank: 4835	777 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	156 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	239 B
2	stripchat.com 1 redirects stripchat.com — Cisco Umbrella Rank: 14646 de.stripchat.com — Cisco Umbrella Rank: 136467	689 B
2	chaturbate.com 1 redirects chaturbate.com — Cisco Umbrella Rank: 12363	4 KB
2	bit.ly 2 redirects bit.ly — Cisco Umbrella Rank: 5113	548 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1215 pixel.quantserve.com — Cisco Umbrella Rank: 977	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	178 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 246	742 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	632 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 721	725 B
1	t.co t.co — Cisco Umbrella Rank: 504	378 B
1	amazon.com www.amazon.com — Cisco Umbrella Rank: 414
1	maxlink.ly 1 redirects maxlink.ly	645 B
1	xlviiirdr.com 1 redirects go.xlviiirdr.com — Cisco Umbrella Rank: 45826	576 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422	31 KB
58	23

	Domain	Requested by
14	bybio.co	bybio.co
6	analytics.tiktok.com	bybio.co analytics.tiktok.com
4	www.google.de
3	www.google.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	o.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.facebook.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	chaturbate.com	1 redirects www.googletagmanager.com
2	bit.ly	2 redirects
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	bybio.co www.googletagmanager.com
1	pixel.quantserve.com
1	c.bing.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	analytics.twitter.com
1	t.co
1	www.amazon.com	www.googletagmanager.com
1	maxlink.ly	1 redirects
1	de.stripchat.com	www.googletagmanager.com
1	stripchat.com	1 redirects
1	go.xlviiirdr.com	1 redirects
1	secure.quantserve.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ajax.googleapis.com	bybio.co
58	29

This site contains links to these domains. Also see Links.

Domain
vdmarketing.postaffiliatepro.com

Subject Issuer	Validity	Valid
bybio.co E1	`2023-05-29` - `2023-08-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-25` - `2023-06-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.highwebmedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-03` - `2023-10-05`	a year	crt.sh
stripchat.com Cloudflare Inc ECC CA-3	`2023-01-31` - `2024-01-31`	a year	crt.sh
www.amazon.com DigiCert Global CA G2	`2023-01-17` - `2024-01-16`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://bybio.co/xagqd39zxg
Frame ID: B18119615ED6ECCEA9B01C4D3169A8D6
Requests: 55 HTTP requests in this frame

Frame: https://chaturbate.com/?join_overlay=1&tour=grq0&campaign=Bxm5E&disable_sound=0
Frame ID: EC876D5F4C07F22D142ECDD727B0DEF5
Requests: 1 HTTP requests in this frame

Frame: https://de.stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=signup&sourceId=bybio&stripbotVariation=NullWidget&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59
Frame ID: C2F6AF8C2E12083E74C96ED46B867097
Requests: 1 HTTP requests in this frame

Frame: https://www.amazon.com/dp/B0B6254P8K?coliid=I3G3NJ94BCJAZV&colid=1OJKNKALCK3TD&psc=1&linkCode=ll1&tag=maxterpc00-20&linkId=d2b31b0da98e09ee2a140420e83a3397&language=es_US&ref_=as_li_ss_tl&utm_source=bybio
Frame ID: 0EB14EABA4093F9BF19869F680184A75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

xagqd39zxg - BYBIO

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

74 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

1117 kB
Transfer

3494 kB
Size

42
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vdmarketing.postaffiliatepro.com/scripts/qzcw1549?a_aid=Serrano5542&a_bid=114ab182&chan=code19
Title: INGRESA AQUÍ Y SOLICITALO YA 👇🏻👇🏻👇🏻👇🏻👇🏻👇

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://bit.ly/3COKWyl HTTP 301
https://chaturbate.com/in/?tour=grq0&campaign=Bxm5E&track=bybio HTTP 302
https://chaturbate.com/?join_overlay=1&tour=grq0&campaign=Bxm5E&disable_sound=0

Request Chain 25

https://bit.ly/3QvXkJh HTTP 301
https://go.xlviiirdr.com/api/goToTheTag?sourceId=bybio&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59&tag=girls/latin&showModal=signup& HTTP 302
https://stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=signup&sourceId=bybio&stripbotVariation=NullWidget&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59 HTTP 302
https://de.stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=signup&sourceId=bybio&stripbotVariation=NullWidget&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59

Request Chain 26

https://maxlink.ly/TDsSz HTTP 302
https://www.amazon.com/dp/B0B6254P8K?coliid=I3G3NJ94BCJAZV&colid=1OJKNKALCK3TD&psc=1&linkCode=ll1&tag=maxterpc00-20&linkId=d2b31b0da98e09ee2a140420e83a3397&language=es_US&ref_=as_li_ss_tl&utm_source=bybio

Request Chain 44

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&RedC=c.clarity.ms&MXFR=23318316EF6161E33AE89024EB616F29 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&MUID=2F32C67FAFB966A117EAD54DAEB967CD

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xagqd39zxg Show response
bybio.co/ 27 KB
9 KB 1033ms
991ms Document
text/html 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea297d6cc847a236d822c10c1552f3feb6768b9d8f9cb24abfacb2987048b334

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d7f5a21eb7f9a2a-FRA
content-encoding: br
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
content-type: text/html; charset=UTF-8
date: Fri, 16 Jun 2023 01:41:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: fullscreen=(), geolocation=()
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4jBo5eilGzsGIPYsU8Tnn8ofTjjbqTbUpwhiOC2RqjgqpQP4Y6M2dF88eUS5ZdYJC58LeK3GDVEqMSmrC4Zt4KiFbWfvH44MlcDNOqEolTINiW%2FmNbgINymb1LonsorDlVbeTKj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1;mode=block

GET
H2 200 bootstrap.min.css
bybio.co/themes/altum/assets/css/ 211 KB
32 KB 1664ms
1662ms Stylesheet
text/css 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/css/bootstrap.min.css?v=1686879704

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce9999a5fd8a4397a7b3d6f310dff803ecf58beb83c9d830296cc7becf37e4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:45 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Sep 2022 23:47:59 GMT
server: cloudflare
etag: W/"34dd2-5e99d284fa9c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsxryhvK%2B%2F%2FCkx8J68WQqNk8KKvm%2BaJmty%2B%2F4%2F64%2BsdIhMS%2FoSxGJFzWzAR97%2FOq2vDoUAFsUuW9TZ2p29hTjjZaf%2F2zLW4VKgtsCc8z%2B5qj5zCf9fyYBXIBTFJpHltlDKT4Zd%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a282f419a2a-FRA
expires: Sun, 16 Jul 2023 01:41:44 GMT

GET
H2 200 custom.css
bybio.co/themes/altum/assets/css/ 13 KB
4 KB 1031ms
1029ms Stylesheet
text/css 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/css/custom.css?v=1686879704

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87f2aeb0346b989b054b8ef080e8d65abe9737d57121dee7a111785f25f50ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:45 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Dec 2022 03:48:38 GMT
server: cloudflare
etag: W/"357d-5f1037a069180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUJh7X2KlUnBoabPEI9GG8raFjJBqpj5WTIbsY8aKebASdalF3%2BNwhVXFd6ZHaClXZVAIYKOI5fcLWcBLMi9DTmBrnvUQhvsi0brijEhEW9qrM2t%2FH4tdfbroa7ES7urkLXgcf8D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a282f429a2a-FRA
expires: Sun, 16 Jul 2023 01:41:44 GMT

GET
H2 200 link-custom.css
bybio.co/themes/altum/assets/css/ 4 KB
1 KB 804ms
803ms Stylesheet
text/css 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/css/link-custom.css?v=1686879704

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e41cfeefd6a420b3da9a9329c68f2d99ff50784ca16e5c6afc68d1577d91da5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:45 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Nov 2022 20:10:31 GMT
server: cloudflare
etag: W/"e8b-5ee7958c03bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihpLiFn2z99qvepYmfWilZozitBoNlN3jT6315RwRCLidw5aus1mlJGbxR17csCZRyeuDDNkgfPpbRaWxttrL1n2KjQfJZUbpsE4Zktg7%2B%2FjreX%2BMfkLwgKegiXu%2F5soTk3saIHy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a282f449a2a-FRA
expires: Sun, 16 Jul 2023 01:41:44 GMT

GET
H2 200 animate.min.css
bybio.co/themes/altum/assets/css/ 70 KB
6 KB 1339ms
1337ms Stylesheet
text/css 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/css/animate.min.css?v=1686879704

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:45 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Dec 2020 04:46:06 GMT
server: cloudflare
etag: W/"11847-5b58809abff80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZUANgrNFsiu3uLthK9H0M5ukb2M7mHOz4i74oX81n4278yTf4WoxOzpIFVrFBoIspTfCID21JjwBHpBuDFVaDurG381UzXMlKuyJnbmvD0ymWOJYmHNuPwzW7eQaSrbMSXjQez4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a282f459a2a-FRA
expires: Sun, 16 Jul 2023 01:41:44 GMT

GET
H2 200 8730d9d34d1bb03c0aa162e3ad43f353.png
bybio.co/uploads/avatars/ 4 KB
4 KB 804ms
804ms Image
image/png 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bybio.co/uploads/avatars/8730d9d34d1bb03c0aa162e3ad43f353.png

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2300f708c5062e8fa6c41bdf11de0b45ab8669e20add85689e8e5bd6ab138cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:45 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-length: 3918
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 12:54:10 GMT
server: cloudflare
etag: "f4e-5f443e08257c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JuUBAU9Dr4BSvwwcvxntBmwvucURKSH0IV5EjeZIb1%2BPPIwqb2o5rCIEUHhRwAzcJMaZ5e3lp9j0igt%2BSawYft4io3tdHKcOjDXjx9rAy9pzaWf1K2IpQfQllk0xsO0rs2Bvexq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
permissions-policy: fullscreen=(), geolocation=()
accept-ranges: bytes
cf-ray: 7d7f5a282f469a2a-FRA
expires: Sat, 15 Jun 2024 01:41:44 GMT

GET
H2 200 0321f9cc0d3a7cd315812071216e2d51.png
bybio.co/uploads/logo/ 5 KB
5 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bybio.co/uploads/logo/0321f9cc0d3a7cd315812071216e2d51.png

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06cedcdccb290280d887597acf569e4ae0865b20c662179533af86adb894c86e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:44 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1405398
cf-polished: origFmt=png, origSize=11577
content-disposition: inline; filename="0321f9cc0d3a7cd315812071216e2d51.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4968
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 30 Nov 2022 03:37:22 GMT
server: cloudflare
etag: "2d39-5eea7d286bc73"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifuqmhe54IpO5joWZD9mrlxAVydzXg%2BVRRBZGY9enZkuW09iXL9GQNhfrRMwqGp%2FbApMPmFZOBH20ZR8VRyBbkzUtgSzCIQ8POf3ssXmtZCLMtN8hh%2FolY5axoQXgO5Y8ADqutJZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
permissions-policy: fullscreen=(), geolocation=()
accept-ranges: bytes
cf-ray: 7d7f5a282f479a2a-FRA
expires: Wed, 29 May 2024 19:18:26 GMT

GET
H3 200 facebook.svg
bybio.co/themes/altum/assets/images/ 447 B
937 B 19ms
19ms Image
image/svg+xml 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bybio.co/themes/altum/assets/images/facebook.svg

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

493851cada9002d13fe1e1295db3fba203d76602d01daf24e898414a99be89ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:44 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 11657506
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 17:16:02 GMT
server: cloudflare
etag: W/"1bf-5d27d693e7880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gw8iSaWyd1Ngt9BYcbHtH4jW31nxZXcZ4CXls3COydU1XWShfwG0cuhmyjDrSkl2cDkn4ypsZJHVFQGRxOusr%2Bt2aeLJQwc0Gq95ZFYezuCEXxyRao00L%2F5h7e7ElxpNPsEaXkp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a2a8aef195c-FRA
expires: Thu, 01 Feb 2024 03:29:58 GMT

GET
H3 200 rocket-loader.min.js Show response
bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 14:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"64833b49-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycGyaU16WDErep%2BScicKnm2ilYvzNVW89%2BtNikf53VWiSszlzNEgBknrQJLe5R%2Bo0kXe%2FhscuNRTSLCT5WsrIFEMmXfOf0mWQ3YEcCfN%2BwvIAHoaIIdc%2FCp%2F6WYburF33yZ2EWdm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d7f5a2a8af0195c-FRA
expires: Sun, 18 Jun 2023 01:41:44 GMT

GET
H3 200 fontawesome-all.min.js Show response
bybio.co/themes/altum/assets/js/libraries/ 1 MB
426 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/js/libraries/fontawesome-all.min.js?v=2200

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1288508
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Aug 2021 22:25:46 GMT
server: cloudflare
etag: W/"1242a2-5c8c3489d4e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwkYqYsIk9tjnUFDtIvmvqXhIKzbXp1kSxaEizf5N%2BHz4%2BdDYMJrEQSWb1QGOzCLwRTSEpXfk1XIwhHZW7yhX5kh9h8e%2B6VhxEVZsQdJ1foL74X0%2B2bfQFhIl381d5EwOKYMv8vk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a3298a9195c-FRA
expires: Sat, 01 Jul 2023 03:42:45 GMT

GET
H3 200 custom.js Show response
bybio.co/themes/altum/assets/js/ 23 KB
6 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/js/custom.js?v=2200

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bd64529fc41aa48b04e729af2c1ed05cc9290e9d96d4afa427c50e3bcb0e81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1287698
cf-polished: origSize=25735
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 09:51:11 GMT
server: cloudflare
etag: W/"6487-5f3c89f0d21c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pi2ENQgQMMs1%2BHeCN0lPBaS6n1Zz%2BYpgR2xvL0CT9To19Si5U7gs1mgu4c3xcRJrQEu4cb6BXRTx3x0afLIsJuHOSST2jLiygqF1HlE7AkaSeFpQ9mHCHSGwn0BwvXFJ9p2J5dIx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a3298ac195c-FRA
expires: Sat, 01 Jul 2023 04:00:08 GMT

GET
H3 200 bootstrap.min.js Show response
bybio.co/themes/altum/assets/js/libraries/ 62 KB
16 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/js/libraries/bootstrap.min.js?v=2200

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1287698
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 19:19:48 GMT
server: cloudflare
etag: W/"f7c2-5c3184af8bd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2dVtpl7r9oiwTH2%2FJycHWaEMuow4zqktGElNIAXOMkQXvCE2KFAjLgGW5HzswuRem2Rs91VvLdgWz%2BcqShuoLxKqbLG0YozibpvOYicpvB6rC6i2a5e3Mlc6KznjcF4LJf0v5M%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a3298ad195c-FRA
expires: Sat, 01 Jul 2023 04:00:08 GMT

GET
H3 200 popper.min.js Show response
bybio.co/themes/altum/assets/js/libraries/ 19 KB
7 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/js/libraries/popper.min.js?v=2200

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1287698
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Sep 2020 22:47:24 GMT
server: cloudflare
etag: W/"4a32-5aeace2aab700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P20LI8RRPPJW3QWXgSfusCfGFDXOQmFjxu4VNO15Lxx5aacEAh%2B7pGWbyE0b1ZFJAbCxWTcRrnMeJmer9kPhtll1CC9RHK4k%2BEUvn%2BuO4nm9zRIBottDm%2BPiz4AbgbqFIoXixMHX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a3298af195c-FRA
expires: Sat, 01 Jul 2023 04:00:08 GMT

GET
H3 200 jquery.min.js Show response
bybio.co/themes/altum/assets/js/libraries/ 87 KB
32 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bybio.co/themes/altum/assets/js/libraries/jquery.min.js?v=2200

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: frame-ancestors bybio.co byfans.co bybio.me
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1686404
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Sep 2020 02:30:34 GMT
server: cloudflare
etag: W/"15d84-5afddc0648680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuitJtHTMAYWxmEU6XFMxD%2BdCI%2Fz3A6wHThExPRR%2BZkfX0LInIqurX%2B1Ff5gmgHlDTR16LWvecSvW%2BvuTiCx%2Bc7biifs%2Fm3xi1At38lCNzrn4oUnMBcRO5hTE31zwMmN8fBjLRoG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(), geolocation=()
cf-ray: 7d7f5a3298b0195c-FRA
expires: Mon, 26 Jun 2023 13:15:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: bybio.co
URL: https://bybio.co/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 08:00:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
92 KB 94ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Requested by

Host: bybio.co
URL: https://bybio.co/xagqd39zxg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9925609e0274f3d0ae5abe272b757a767db399c2fe1d85a5dfeaf5bb0b421766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94283
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 00:25:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Jun 2023 01:41:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 01:04:46 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 16 Jun 2023 03:04:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 49ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Jun 2023 01:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: O7sIq1sWDQG1xgEjOssy02fw6bWxxSnPLmxncu9g2IORcawcnRe2KNbY8+zLQJvO6olSethxbHWpQRVryES7mw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10889780793/ 3 KB
2 KB 66ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10889780793/?random=1686879706256&cv=11&fst=1686879706256&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&hn=www.googleadservices.com&frm=0&tiba=xagqd39zxg%20-%20BYBIO&auid=1969652671.1686879706&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5e9bf52453d40060aba8ccd82401a6434065c6a70427951d3f8d00dcb211a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973909352/ 3 KB
1 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973909352/?random=1686879706260&cv=11&fst=1686879706260&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&hn=www.googleadservices.com&frm=0&tiba=xagqd39zxg%20-%20BYBIO&auid=1969652671.1686879706&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5aaa4e269fd78b5660efcb2cf3fcfac9320fc5651c245615d8c33b803cb13b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fwa0yjj493 Show response
www.clarity.ms/tag/ 1 KB
2 KB 168ms
100ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fwa0yjj493?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ccd0a2dde931d3bd4ae4f42148c7566750e16729b781d81ad302877da9cffbce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: -1
date: Fri, 16 Jun 2023 01:41:46 GMT
x-azure-ref: 20230616T014146Z-yues8k2g5p7x18hbd3wck3q1kw00000002qg00000000grnt
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1257
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 42ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230037-FRA

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 58ms
8ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 01:41:46 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 196ms
113ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9LHDTBC77U4P674L6B0&lib=ttq
Requested by: Host: bybio.co
URL: https://bybio.co/xagqd39zxg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ddfa31aab860bc5d7efe5333bf630b415ce0ed74ecc46331d9aa491a756d976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 61e97ec8.b41f4c8
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 95,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=3
content-length: 1316
pragma: no-cache
server: nginx
x-tt-logid: 2023061601414647AC7B3E82BE6B194716
x-cache-remote: TCP_MISS from a23-220-104-6.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.6
x-tt-trace-host: 01266107169c69e137edb0816b6253e8eb3f2f75dcfd9880f8b3244e2b1c6d5cad498f959c40bbf10fe8edecad53bf50108c06d7c4656d585b8f49f34b13c01a20169ad093bb7db5b3835af42208a5cef17bef7ce9b1e176d268e8576a20f8a7977c7709bba29783a12ad82952c60dd931
expires: Fri, 16 Jun 2023 01:41:46 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 197ms
115ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CABUR4BC77U9LQHLQ0P0&lib=ttq
Requested by: Host: bybio.co
URL: https://bybio.co/xagqd39zxg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3b79ccf728488f4e60d29caa1949a2e09c8b78e0a12cab6d488ff85294d8c288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: b41f4cd
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=91
content-length: 1321
pragma: no-cache
server: nginx
x-tt-logid: 20230616014146D4C2EDA118F52BD4675A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,2.16.186.238
x-tt-trace-host: 01266107169c69e137edb0816b6253e8ebfec4753684b6cf19fc3c0bdb442233f9edd989f3c859db041a98c747992bf36f25cef70fec609a13f1531a2eb3c2915d4ce1222daaabb5f7474ab86e37d87f23a6beab8050678f8f8fa3cbb5700b3772
expires: Fri, 16 Jun 2023 01:41:46 GMT

GET
H2

200

/
chaturbate.com/ Frame EC87
Redirect Chain

https://bit.ly/3COKWyl
https://chaturbate.com/in/?tour=grq0&campaign=Bxm5E&track=bybio
https://chaturbate.com/?join_overlay=1&tour=grq0&campaign=Bxm5E&disable_sound=0

0
0

374ms
373ms

Document
text/html

2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/?join_overlay=1&tour=grq0&campaign=Bxm5E&disable_sound=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://.stream.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://.google-analytics.com https://.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://.mmcdn.com wss://.mmcdn.com wss://.mmcdn.com:8443 https://.highwebmedia.com wss://.highwebmedia.com wss://.highwebmedia.com:8443 https://.nr-data.net https://.chaturbate.com https://chaturbate.com https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com ; media-src 'self' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://.mmcdn.com https://.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://.mmcdn.com https://.chaturbate.com https://chaturbate.com https://.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://.chaturbate.com https://chaturbate.com https://.stream.highwebmedia.com https://.wnu.com https://wnu.com https://devportal.cb.dev https://.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://.mmcdn.com https://.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

Referer: https://bybio.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7d7f5a363d6d926e-FRA
content-encoding: br
content-language: de
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 01:41:46 GMT
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Cookie, Accept-Language
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7d7f5a353cf6926e-FRA
content-language: de
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 01:41:46 GMT
location: /?join_overlay=1&tour=grq0&campaign=Bxm5E&disable_sound=0
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

GET
H2

200

latin
de.stripchat.com/girls/ Frame C2F6
Redirect Chain

https://bit.ly/3QvXkJh
https://go.xlviiirdr.com/api/goToTheTag?sourceId=bybio&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59&tag=girls/latin&showModal=signup&
https://stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=sig...
https://de.stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=...

0
0

208ms
191ms

Document
text/html

2606:4700:311f::6812:3f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de.stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=signup&sourceId=bybio&stripbotVariation=NullWidget&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:311f::6812:3f7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	deny

Request headers

Referer: https://bybio.co/xagqd39zxg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d7f5a363dd40a75-AMS
content-encoding: br
content-security-policy-report-only: default-src 'self' *.stripchat.com data: blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.lovense.club:* *.lovense.com *.lovense-api.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org *.trafficjunky.net main.exoclick.com tsyndicate.com *.hotjar.com *.hotjar.io;img-src 'self' * data: blob: android-webview-video-poster:;script-src 'self' *.stripchat.com data: 'unsafe-inline' 'unsafe-eval' blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.hpyrdr.dev *.hytto.com *.lovense.club:* *.lovense.com *.lovense-api.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.trafficjunky.net *.google.com platform.twitter.com main.exoclick.com tsyndicate.com wss://*.sc-apps.com www.googleadservices.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.2/fingerprint2.min.js *.hotjar.com *.crowdin.com cdntechone.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;connect-src 'self' *.stripchat.com *.amplitude.com *.doubleclick.net *.flixstorage.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.hytto.com *.lovense.club:* *.lovense.com *.lovense-api.com *.stripcdn.com *.xhamsterlive.com *.xlivesex.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org syndication.twitter.com wss://*.stripchat.com wss://*.stripcdn.com wss://*.stripcdn.com:8090 wss://*.stripst.com wss://*.stripst.dev wss://*.strpst.com wss://*.strwst.com wss://*.doppiocdn.com wss://*.doppiocdn.org wss://*.lovense.com wss://*.lovense-api.com wss://*.sc-apps.com *.crowdin.com crowdin.com datatechone.com stquality.org accounts.google.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;media-src 'self' *.stripchat.com data: blob: *.ahcdn.com *.lovense.club:* *.lovense.com *.lovense-api.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org;style-src 'self' *.stripchat.com 'unsafe-inline' *.googleapis.com *.hytto.com *.lovense.club:* *.lovense.com *.lovense-api.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.tagmanager.google.com *.crowdin.com accounts.google.com;frame-src * data:;report-uri /_csp
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 01:41:46 GMT
server: cloudflare
strict-transport-security: max-age=15768000
x-backend: golf-ssr-application-7bc548644c-xwmjx
x-cache-status: MISS
x-frame-options: deny
x-geoip: DE

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d7f5a35ed9e0a75-AMS
content-type: text/html
date: Fri, 16 Jun 2023 01:41:46 GMT
location: https://de.stripchat.com/girls/latin?affiliateId=160623mtqo83ozz7y67bk9d930zfx2980ijyx8ci0e18svyfpjnbg1hxvdoe3e90&realDomain=go.xlviiirdr.com&referrer=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&showModal=signup&sourceId=bybio&stripbotVariation=NullWidget&userId=52a7d69a638a986da4b545fc728a38bd59df14229d5da7eb55aec3c243453b59
server: cloudflare
strict-transport-security: max-age=15768000
x-frame-options: deny

GET
H2

200

B0B6254P8K
www.amazon.com/dp/ Frame 0EB1
Redirect Chain

https://maxlink.ly/TDsSz
https://www.amazon.com/dp/B0B6254P8K?coliid=I3G3NJ94BCJAZV&colid=1OJKNKALCK3TD&psc=1&linkCode=ll1&tag=maxterpc00-20&linkId=d2b31b0da98e09ee2a140420e83a3397&language=es_US&ref_=as_li_ss_tl&utm_sourc...

0
0

308ms
242ms

Document
text/html

2600:9000:2490:9c00:7:49a5:5fd2:8621
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon.com/dp/B0B6254P8K?coliid=I3G3NJ94BCJAZV&colid=1OJKNKALCK3TD&psc=1&linkCode=ll1&tag=maxterpc00-20&linkId=d2b31b0da98e09ee2a140420e83a3397&language=es_US&ref_=as_li_ss_tl&utm_source=bybio

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:9c00:7:49a5:5fd2:8621 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;

Request headers

Referer: https://bybio.co/xagqd39zxg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: ect,rtt,downlink,device-memory,sec-ch-device-memory,viewport-width,sec-ch-viewport-width,dpr,sec-ch-dpr
accept-ch-lifetime: 86400
cache-control: no-cache, no-transform
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
content-security-policy-report-only: default-src 'self' blob: https: data: mediastream: 'unsafe-eval' 'unsafe-inline';report-uri https://metrics.media-amazon.com/
content-type: text/html;charset=UTF-8
date: Fri, 16 Jun 2023 01:41:46 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
server: Server
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-id: Vu7uip6URgghNRVbVFQXxqKc8-kySv8Dq9MEBaBfRZ_8P1_8Zy1IPw==
x-amz-cf-pop: FRA56-P6
x-amz-rid: HV4NE30MRSZ4E333S7PF
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1;

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7d7f5a34aa38365b-FRA
date: Fri, 16 Jun 2023 01:41:46 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://www.amazon.com/dp/B0B6254P8K?coliid=I3G3NJ94BCJAZV&colid=1OJKNKALCK3TD&psc=1&linkCode=ll1&tag=maxterpc00-20&linkId=d2b31b0da98e09ee2a140420e83a3397&language=es_US&ref_=as_li_ss_tl&utm_source=bybio
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnK8zSBI%2BepS5iwmqnvqMdmTEAn6a8FQXUl781HHYuo1KSdGXdUaQSuM%2BGi6g6fu081%2FKcxMO8LAbVnr7aF8Bq3r%2FEz9jLgUZzilHDxhfKsBBTMaiSDCIs%2BvhyPuRwNcndIR5fit46rh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; preload
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
86 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NXSZZFPR7J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58Z86P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa6bb771d03d7044b61243cc6ea7f9129a9d892808db01dbfd9c48506bac1ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87755
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 01:41:46 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 170ms
122ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=684d4512-d996-46ac-bf62-e6374ec0dbb9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a798466c-2189-49d1-bf46-0be83951410a&tw_document_href=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&tw_iframe_status=0&txn_id=odxwt&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 16 Jun 2023 01:41:45 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 326fe2d85f2788aa
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 9196bdd0a68129da09c24df6413b2804c3e5856c47faf7c3941f7d92f1622d73
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 162ms
127ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=684d4512-d996-46ac-bf62-e6374ec0dbb9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a798466c-2189-49d1-bf46-0be83951410a&tw_document_href=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&tw_iframe_status=0&txn_id=odxwt&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 114
date: Fri, 16 Jun 2023 01:41:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 439e96b1c7d1e8fa
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ea5cc5adfa237f4183371ef86b2fffd91eeb2a447f2495046ff59a4502ca8a69
content-length: 43

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Jun 2023 01:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-xss-protection: 0
pragma: public
x-fb-debug: 5jteUfa1zsYYSp9qqUiraPj+KU49vKdC8Fzdb94KH4lvwG0roziapMmZke4XkuN+MmkthMYFtryuq7KzQcLxeQ==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 376822870575782 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/376822870575782?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec03102288cc4b5c654d1c170ad657e5963fef641c45a9cf0547ed86eda3ba47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Jun 2023 01:41:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: iXKGjHkEH6mpPV6s5VtCghyDrzJBiJksWW+LgxpYv440l12C4qMffmtrUozuzO/eAP3+2xd6hQe2ys6t6IzNWA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 21ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1658600975&t=pageview&_s=1&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&ul=en-us&de=UTF-8&dt=xagqd39zxg%20-%20BYBIO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=612417387&gjid=1807800154&cid=345213430.1686879706&tid=UA-189695239-1&_gid=1906551683.1686879706&_r=1&_slc=1&gtm=45He36e0n81T58Z86P&z=82114922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bybio.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NXSZZFPR7J&gtm=45je36e0&_p=1658600975&_gaz=1&cid=345213430.1686879706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686879706&sct=1&seg=0&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&dt=xagqd39zxg%20-%20BYBIO&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXSZZFPR7J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bybio.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 61ms
20ms Ping
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NXSZZFPR7J&cid=345213430.1686879706&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXSZZFPR7J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bybio.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 60ms
24ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NXSZZFPR7J&cid=345213430.1686879706&gtm=45je36e0&aip=1&z=1291830014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10973909352/ 42 B
108 B 62ms
26ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10973909352/?random=1686879706260&cv=11&fst=1686877200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&frm=0&tiba=xagqd39zxg%20-%20BYBIO&fmt=3&is_vtc=1&random=1843075596&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10973909352/ 42 B
154 B 41ms
25ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10973909352/?random=1686879706260&cv=11&fst=1686877200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&frm=0&tiba=xagqd39zxg%20-%20BYBIO&fmt=3&is_vtc=1&random=1843075596&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10889780793/ 42 B
455 B 41ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10889780793/?random=1686879706256&cv=11&fst=1686877200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&frm=0&tiba=xagqd39zxg%20-%20BYBIO&fmt=3&is_vtc=1&random=831872250&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10889780793/ 42 B
108 B 26ms
26ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10889780793/?random=1686879706256&cv=11&fst=1686877200000&bg=ffffff&guid=ON&async=1&gtm=45He36e0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&frm=0&tiba=xagqd39zxg%20-%20BYBIO&fmt=3&is_vtc=1&random=831872250&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-GC2k6K7v-UkXh.js Show response
rules.quantcount.com/ 160 B
632 B 52ms
12ms Script
application/javascript 2600:9000:223c:4200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-GC2k6K7v-UkXh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556f4c9a83840bb8bee2946dad7028627eb2e778964ca51157cf918912be3973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:05:27 GMT
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:35:26 GMT
server: AmazonS3
etag: "3d9ecfcfd908eb9717da4162609bc9a4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: KiT-OWH3VsWq2Ans1l9BDoP-fY0w0CAw_FZDfp22Xn-YETIgRX-JJA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 33ms
19ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-189695239-1&cid=345213430.1686879706&jid=612417387&gjid=1807800154&_gid=1906551683.1686879706&_u=YGBACEAABAAAACAAI~&z=1586445859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Jun 2023 01:41:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bybio.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 54ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=376822870575782&ev=PageView&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&rl=&if=false&ts=1686879706431&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686879706430.1861991838&cs_est=true&it=1686879706332&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Jun 2023 01:41:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 17ms
17ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fwa0yjj493?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: br
last-modified: Mon, 12 Jun 2023 16:14:21 GMT
etag: W/"0x8DB6B6014B0AA22"
vary: Accept-Encoding
x-azure-ref: 20230616T014146Z-yues8k2g5p7x18hbd3wck3q1kw00000002qg00000000grpb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fdd9dea1-401e-000a-4df5-9e8a6c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&RedC=c.clarity.ms&MXFR=23318316EF6161E33AE89024EB616F29
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&MUID=2F32C67FAFB966A117EAD54DAEB967CD

42 B
443 B

31ms
31ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&MUID=2F32C67FAFB966A117EAD54DAEB967CD
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:45 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 657AD0126A61478B9767D8379CE20AC1 Ref B: FRAEDGE1719 Ref C: 2023-06-16T01:41:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52E24E4AF6A74B9895F98535CD461C45&MUID=2F32C67FAFB966A117EAD54DAEB967CD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 26ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-189695239-1&cid=345213430.1686879706&jid=612417387&_u=YGBACEAABAAAACAAI~&z=1954308737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
25ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-189695239-1&cid=345213430.1686879706&jid=612417387&_u=YGBACEAABAAAACAAI~&z=1954308737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1658600975&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&ul=en-us&de=UTF-8&dt=xagqd39zxg%20-%20BYBIO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=185uygm&_u=aHBACEABBAAAACAAI~&jid=&gjid=&cid=345213430.1686879706&tid=UA-189695239-1&_gid=1906551683.1686879706&gtm=45He36e0n81T58Z86P&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffwa0yjj493%2F11x6src%2F185uygm&z=1437021465

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 21:21:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15643
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWE4ZjFkYTAyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 310 KB
82 KB 18ms
18ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9LHDTBC77U4P674L6B0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: b41f537
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306151209134D422198AF48820D5D63
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0105027b80374eaf5939a2ea4bdde446a0d6534ca07a831ab80cdfa07201cb366aa8da011661673f7a72e3b856af461c3f5a2964a817daa47ec777086b5afe4c21477ecfa466459ae85f063b3041e729ff5a24bd8a1ef2d0612d9a4691c6e100ad
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 83696

GET
H2 200 pixel;r=1236677175;source=gtm;rf=0;a=p-GC2k6K7v-UkXh;url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg;uht=2;fpan=1;fpa=P0-1539092993-1686879706409;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;...
pixel.quantserve.com/ 35 B
372 B 21ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1236677175;source=gtm;rf=0;a=p-GC2k6K7v-UkXh;url=https%3A%2F%2Fbybio.co%2Fxagqd39zxg;uht=2;fpan=1;fpa=P0-1539092993-1686879706409;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bybio.co;dst=0;et=1686879706497;tzo=0;ogl=;ses=5b4f487d-90a1-4c45-a478-5b947fd19e83;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 identify_f7fa8.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 19ms
18ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_f7fa8.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: b41f573
date: Fri, 16 Jun 2023 01:41:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306151209133CD2F2E89DC7C7BF2266
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0105027b80374eaf5939a2ea4bdde446a0d6534ca07a831ab80cdfa07201cb366ae1a7adf8cef9f3550b1bb2d11f956dfed296ee4e2d83f52d73254e61ba92900dc46ee2b21c3948de78405100ea30cf1248e3d596beb62c67f6ec63d78f51d098
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30703

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
689 B 161ms
161ms Ping
text/plain 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 91931993.b41f5a6
date: Fri, 16 Jun 2023 01:41:46 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
x-parent-response-time: 129,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=31, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230616014146A5040301B89438705A87
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.104.7
x-tt-trace-host: 01266107169c69e137edb0816b6253e8eb3f2f75dcfd9880f8b3244e2b1c6d5cad1b552b3cc134cfe34ebd1d66bbbcfc09f68120354380925130dae48a90f1e2980a52056b79a87baab5afef9e916497b6288f46a6e03067602d4dc28987f03ad6f00df238217b505da8f4dc82ac4294be
expires: Fri, 16 Jun 2023 01:41:46 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
552 B 241ms
241ms Ping
text/plain 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:46 GMT
x-akamai-request-id: b41f5a9
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230616014146D4C2EDA118F52BD4676E
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.1.1-48600985) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 214,2.16.186.238
x-tt-trace-host: 01266107169c69e137edb0816b6253e8ebfec4753684b6cf19fc3c0bdb442233f9edd989f3c859db041a98c747992bf36f76d7e5e9313e0168d1b068d14a827f9958c396321bbd90cf286111057f71177b7a3e116309d2445949e68b1c5bdfc620
server-timing: inner; dur=127, cdn-cache; desc=MISS, edge; dur=5, origin; dur=214
content-length: 0
expires: Fri, 16 Jun 2023 01:41:46 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
288 B 391ms
186ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://bybio.co
Date: Fri, 16 Jun 2023 01:41:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
288 B 93ms
93ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://bybio.co/xagqd39zxg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://bybio.co
Date: Fri, 16 Jun 2023 01:41:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=376822870575782&ev=Microdata&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&rl=&if=false&ts=1686879707934&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22xagqd39zxg%20-%20BYBIO%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.1.1686879706430.1861991838&it=1686879706332&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Jun 2023 01:41:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NXSZZFPR7J&gtm=45je36e0&_p=1658600975&cid=345213430.1686879706&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1686879706&sct=1&seg=0&dl=https%3A%2F%2Fbybio.co%2Fxagqd39zxg&dt=xagqd39zxg%20-%20BYBIO&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXSZZFPR7J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bybio.co/xagqd39zxg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 01:41:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bybio.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bybio.co/	1969-12-31 23:59:59	Name: __Secure-PHPSESSID Value: gaiktunf26ep8vo77hl2q24lts
bybio.co/	1970-01-20 12:36:06	Name: s_statistics_368844 Value: 0
.bybio.co/	1970-01-20 14:44:15	Name: _gcl_au Value: 1.1.1969652671.1686879706
.doubleclick.net/	1970-01-20 12:34:40	Name: test_cookie Value: CheckForPermission
.bybio.co/	1970-01-20 12:36:06	Name: _gid Value: GA1.2.1906551683.1686879706
.bybio.co/	1970-01-20 12:34:39	Name: _gat_UA-189695239-1 Value: 1
.bybio.co/	1970-01-20 22:10:39	Name: _ga Value: GA1.1.345213430.1686879706
.bybio.co/	1970-01-20 22:10:39	Name: _ga_NXSZZFPR7J Value: GS1.1.1686879706.1.0.1686879706.60.0.0
.bybio.co/	1970-01-20 14:44:15	Name: _fbp Value: fb.1.1686879706430.1861991838
www.clarity.ms/	1970-01-20 21:20:15	Name: CLID Value: 5673293afedc43f9983d722e1c6be732.20230616.20240615
.bybio.co/	1970-01-20 21:20:15	Name: _clck Value: 11x6src\|2\|fci\|0\|1262
.tiktok.com/	1970-01-20 21:56:15	Name: _ttp Value: 2RGc9RPfwJRusFG7MOCfzUXnGVR
.twitter.com/	1970-01-20 22:10:39	Name: guest_id_marketing Value: v1%3A168687970640816447
.twitter.com/	1970-01-20 22:10:39	Name: guest_id_ads Value: v1%3A168687970640816447
.twitter.com/	1970-01-20 22:10:39	Name: personalization_id Value: "v1_K/bGg66yEQ9gX6fbeDMehg=="
.twitter.com/	1970-01-20 22:10:39	Name: guest_id Value: v1%3A168687970640816447
.t.co/	1970-01-20 22:10:39	Name: muc_ads Value: e5793756-bb03-4912-9d35-1ab2b75d42c2
.go.xlviiirdr.com/	1970-01-20 13:17:51	Name: stripbotVariationName-StripcashTest16 Value: NullWidget
go.xlviiirdr.com/	1970-01-20 12:36:06	Name: __cflb Value: 02DiuDFRFiBZBvMSLtrthB7vPWzPQsdrAJbmhEbCvRBxx
.quantserve.com/	1970-01-20 22:04:54	Name: mc Value: 648bbdda-7d710-3c075-3a2c9
.bybio.co/	1970-01-20 21:59:08	Name: __qca Value: P0-1539092993-1686879706409
.stripchat.com/	1970-01-20 12:34:41	Name: __cf_bm Value: 0yefBK7Xh8RnAw53lwz1GiMhmA2r5CQuSs4jUf7_BK0-1686879706-0-AedW93hNnHl3sQMr2yw9o3CMM6mNnL+jWYigU208WqS3hjOsZv0UznHevGh0ouAQCt+nIet8KhlvL/77nnTaf1I=
stripchat.com/	1970-01-20 12:36:02	Name: __cflb Value: 02DiuFntVtrkFMde1dj5JeFn29SCwPep9jhJxuin7vVzc
.bybio.co/	1970-01-20 21:56:15	Name: _tt_enable_cookie Value: 1
chaturbate.com/	1970-01-20 12:41:51	Name: u_grq0 Value: 1
chaturbate.com/	1969-12-31 23:59:59	Name: us_grq0 Value: 1
.chaturbate.com/	1970-01-20 13:17:51	Name: affkey Value: "eJyrVipRslJQSi8qNFDSUVBKzi0AcZ0qck1dQfySomwQP6kyKTMfxC8C8TJKSgqKrfT1waJ6yfn6FYnphSnGllUV6SA1iWlpIFW5iRUlqUUFySAhsKFGhkq1ANiJH7U="
.chaturbate.com/	1969-12-31 23:59:59	Name: fromaffiliate Value: 1
chaturbate.com/	1970-01-20 12:35:01	Name: noads Value: 1
.chaturbate.com/	1970-01-20 22:10:39	Name: sbr Value: sec:sbr0909be0f-2d41-4e88-8374-7503d2322a14:1q9yTC:7Jna-uyQV5yy27gHD6_solmTCSk
.chaturbate.com/	1970-01-20 12:34:41	Name: __cf_bm Value: 6p1QXT2xS3XA3ixm1MDZ6gmtHLQKhZhGCxn4L9yu6zA-1686879706-0-AaovBDr2+CAYoR1JbbuHVBcm/roK9zFvHjMHGQ3NJfiauCYDQLndJuonx7hFM5TVVqcVOhIIqOl9ekkKI+MmoEw=
.bybio.co/	1970-01-20 21:56:15	Name: _ttp Value: blsPQqS4IWdBcTb8aTr8LG0XSWw
.bing.com/	1970-01-20 21:56:15	Name: MUID Value: 2F32C67FAFB966A117EAD54DAEB967CD
.c.bing.com/	1970-01-20 12:44:44	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:56:15	Name: SRM_B Value: 2F32C67FAFB966A117EAD54DAEB967CD
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:56:15	Name: MUID Value: 2F32C67FAFB966A117EAD54DAEB967CD
.c.clarity.ms/	1970-01-20 12:44:44	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:34:40	Name: ANONCHK Value: 0
de.stripchat.com/	1970-01-20 12:36:02	Name: __cflb Value: 02DiuFntVtrkFMde1diFXXJ5SQKgV1y8tC5zFTj8ZngtL
.chaturbate.com/	1970-01-20 21:18:49	Name: csrftoken Value: fwHSCraw5Hhezpm12bnxLUKL9AFdIRmv5JUHD07ueqt4fcWiikYU1upEK6sRY5NO
.bybio.co/	1970-01-20 12:36:06	Name: _clsk Value: 185uygm\|1686879707033\|1\|1\|o.clarity.ms/collect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.amazon.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://de.stripchat.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors bybio.co byfans.co bybio.me
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
analytics.twitter.com
bit.ly
bybio.co
c.bing.com
c.clarity.ms
chaturbate.com
connect.facebook.net
de.stripchat.com
go.xlviiirdr.com
googleads.g.doubleclick.net
maxlink.ly
o.clarity.ms
pixel.quantserve.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
static.ads-twitter.com
stats.g.doubleclick.net
stripchat.com
t.co
www.amazon.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.5
104.244.42.67
146.75.116.157
2.16.186.242
2001:4860:4802:34::36
2600:9000:223c:4200:6:44e3:f8c0:93a1
2600:9000:2490:9c00:7:49a5:5fd2:8621
2606:4700:20::681a:781
2606:4700:3110::6812:336a
2606:4700:311f::6812:3f7e
2606:4700::6812:6528
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c02::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
52.152.143.207
67.199.248.10
68.219.88.97
06cedcdccb290280d887597acf569e4ae0865b20c662179533af86adb894c86e
1ddfa31aab860bc5d7efe5333bf630b415ce0ed74ecc46331d9aa491a756d976
1e41cfeefd6a420b3da9a9329c68f2d99ff50784ca16e5c6afc68d1577d91da5
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
3b79ccf728488f4e60d29caa1949a2e09c8b78e0a12cab6d488ff85294d8c288
493851cada9002d13fe1e1295db3fba203d76602d01daf24e898414a99be89ed
556f4c9a83840bb8bee2946dad7028627eb2e778964ca51157cf918912be3973
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9925609e0274f3d0ae5abe272b757a767db399c2fe1d85a5dfeaf5bb0b421766
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5aaa4e269fd78b5660efcb2cf3fcfac9320fc5651c245615d8c33b803cb13b9
a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2
aa6bb771d03d7044b61243cc6ea7f9129a9d892808db01dbfd9c48506bac1ce7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6
c9bd64529fc41aa48b04e729af2c1ed05cc9290e9d96d4afa427c50e3bcb0e81
ccd0a2dde931d3bd4ae4f42148c7566750e16729b781d81ad302877da9cffbce
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2300f708c5062e8fa6c41bdf11de0b45ab8669e20add85689e8e5bd6ab138cd
dce9999a5fd8a4397a7b3d6f310dff803ecf58beb83c9d830296cc7becf37e4d
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e87f2aeb0346b989b054b8ef080e8d65abe9737d57121dee7a111785f25f50ca
ea297d6cc847a236d822c10c1552f3feb6768b9d8f9cb24abfacb2987048b334
ec03102288cc4b5c654d1c170ad657e5963fef641c45a9cf0547ed86eda3ba47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e9bf52453d40060aba8ccd82401a6434065c6a70427951d3f8d00dcb211a34
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

bybio.co Open in urlscan Pro 2606:4700:20::681a:781 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

74 %IPv6

23 Domains

29 Subdomains

23 IPs

4 Countries

1117 kBTransfer

3494 kBSize

42 Cookies

1 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

bybio.co Open in urlscan Pro
2606:4700:20::681a:781 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

74 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

1117 kB
Transfer

3494 kB
Size

42
Cookies

58 HTTP transactions
0 data transactions