scan.identityguard.com Open in urlscan Pro
143.204.98.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://scan.identityguard.com/
Effective URL:
https://scan.identityguard.com/
Submission: On April 18 via api (April 18th 2024, 9:05:43 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 20 domains to perform 45 HTTP transactions. The main IP is 143.204.98.12, located in United States and belongs to AMAZON-02, US. The main domain is scan.identityguard.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 30th 2023. Valid for: a year.

This is the only time scan.identityguard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	143.204.98.12 143.204.98.12	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.122.54 18.66.122.54	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:20:... 2606:4700:20::681a:b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:4b99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	54.194.110.229 54.194.110.229	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
45	24

3 143.204.98.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-12.fra50.r.cloudfront.net

scan.identityguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-54.fra60.r.cloudfront.net

api.figleaf.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
activity.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4b99 (United States)

ASN13335 (CLOUDFLARENET, US)

wisepops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.110.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-110-229.eu-west-1.compute.amazonaws.com

identityguard.y8uw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	251 KB
3	wisepops.net wisepops.net — Cisco Umbrella Rank: 13828	29 KB
3	wisepops.com 1 redirects loader.wisepops.com — Cisco Umbrella Rank: 17658 activity.wisepops.com — Cisco Umbrella Rank: 16535	468 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	294 KB
3	identityguard.com scan.identityguard.com	97 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1556	541 B
2	y8uw.net identityguard.y8uw.net	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 651	7 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9262 prism.app-us1.com — Cisco Umbrella Rank: 9348	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	883 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9438	315 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5499	457 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4021	16 KB
1	figleaf.online api.figleaf.online	1014 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	953 B
0	figleafapp.com Failed events.figleafapp.com Failed
45	20

	Domain	Requested by
4	bat.bing.com	scan.identityguard.com bat.bing.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com scan.identityguard.com
3	wisepops.net	scan.identityguard.com loader.wisepops.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	scan.identityguard.com www.googletagmanager.com
3	scan.identityguard.com	scan.identityguard.com
2	activity.wisepops.com	loader.wisepops.com
2	sp.analytics.yahoo.com	scan.identityguard.com
2	identityguard.y8uw.net	d.impactradius-event.com
2	region1.google-analytics.com	www.googletagmanager.com
2	s.yimg.com	scan.identityguard.com s.yimg.com
2	connect.facebook.net	scan.identityguard.com connect.facebook.net
2	www.google.com	scan.identityguard.com www.gstatic.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.facebook.com	scan.identityguard.com
1	www.ojrq.net	scan.identityguard.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	scan.identityguard.com
1	d.impactradius-event.com	scan.identityguard.com
1	loader.wisepops.com	1 redirects
1	api.figleaf.online	scan.identityguard.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	scan.identityguard.com
0	events.figleafapp.com Failed	scan.identityguard.com
45	24

This site contains links to these domains. Also see Links.

Domain
identityguard.com
www.identityguard.com
aura.com

Subject Issuer	Validity	Valid
scan.identityguard.com Amazon RSA 2048 M02	`2023-07-30` - `2024-08-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
figleafapp.com Amazon RSA 2048 M03	`2023-08-06` - `2024-09-04`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-27` - `2024-04-26`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-18` - `2024-06-27`	2 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-05-22`	2 months	crt.sh
cpd3.net Amazon RSA 2048 M02	`2023-12-25` - `2025-01-22`	a year	crt.sh
prism.app-us1.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-12` - `2025-01-07`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
wisepops.net GTS CA 1P5	`2024-03-24` - `2024-06-22`	3 months	crt.sh
wisepops.com E1	`2024-02-25` - `2024-05-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://scan.identityguard.com/
Frame ID: A2CA7E2EB672ACD08DEA2F698144D62F
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_3tkZAAAAANCervlhspo2uRQf44FMVO9nTWEM&co=aHR0cHM6Ly9zY2FuLmlkZW50aXR5Z3VhcmQuY29tOjQ0Mw..&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=x4zni05lv2w6
Frame ID: B23E216E6CF9F3A750B3D11665C4E4D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identity Guard

Page URL History Show full URLs

http://scan.identityguard.com/ HTTP 307
https://scan.identityguard.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

93 %
HTTPS

65 %
IPv6

20
Domains

24
Subdomains

24
IPs

4
Countries

815 kB
Transfer

2374 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://identityguard.com/?utm_source=dws&utm_medium=scan-logo&utm_campaign=dws-quick

Search URL Search Domain Scan URL

URL: https://www.identityguard.com/legal/scan-terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://aura.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scan.identityguard.com/ HTTP 307
https://scan.identityguard.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://loader.wisepops.com/get-loader.js?v=1&site=smTHcXyqGH HTTP 301
https://wisepops.net/loader.js?v=1&site=smTHcXyqGH

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
scan.identityguard.com/
Redirect Chain

http://scan.identityguard.com/
https://scan.identityguard.com/

3 KB
2 KB

495ms
341ms

Document
text/html

143.204.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scan.identityguard.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-12.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37510e1da4273ba638b3292766c95bffb809eec0ffb0e03c65ce5db7dc18a4db

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 1185
content-encoding: gzip
content-type: text/html
date: Thu, 18 Apr 2024 20:45:53 GMT
etag: W/"482f4e496a0fb190e967fe528f24da97"
last-modified: Fri, 18 Aug 2023 09:08:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-id: Y-wnH_ZOdoVTmqA7JRRf-TCWaOM0obs47WM3PNeewCJf87sZrfwGoA==
x-amz-cf-pop: FRA50-C1
x-amz-id-2: EuaE/wj0N8Vr+CHbR4hTeJC1+Npa+cPF48NfRkFR5/MZh9tsFr7UaQVU2wRhLiFc5mCD4kMivLc=
x-amz-request-id: ZTN2XPRVHJ7ZTF6C
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

Redirect headers

Location: https://scan.identityguard.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 134ms
54ms Script
text/javascript 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lf_3tkZAAAAANCervlhspo2uRQf44FMVO9nTWEM

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

f60e7d02599d466e44fc82fb32700630b19b41a24fa946d1b8f17a71432b7c28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Apr 2024 21:05:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
953 B 134ms
48ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind:wght@400;500;600;700&display=swap

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d06715d4139a3879961b0674d6ab713848cebe48df903b34f52e2b5a9461d249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 21:02:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Apr 2024 21:05:38 GMT

GET
H2 200 home.js Show response
scan.identityguard.com/ 308 KB
93 KB 70ms
70ms Script
text/javascript 143.204.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scan.identityguard.com/home.js
Requested by: Host: scan.identityguard.com
URL: https://scan.identityguard.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-12.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 448d148959ef2e3aebecb0805ec53e7de9b57ad8aefe74c95090908a1c8f0e09

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 20:45:54 GMT
content-encoding: gzip
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Fri, 18 Aug 2023 09:08:59 GMT
server: AmazonS3
x-amz-request-id: X600TRRGBB9APQ6Z
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
etag: W/"3d9553d08a9c242d0d9c0348633a6987"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 1185
x-amz-cf-id: q-jheokMf7TQ-QUOaFx7GtCFbsQ-ADDkPo3gmMKDOYhIab5ljNoFpw==
x-amz-id-2: v357PDbW5kQJmhATWfpXrC7OVcOuJ0FLQUa8+Sq3dOs+D+hgMFymM6PpdNjaLM39v1gYRaHmjp0=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 433 KB
116 KB 199ms
97ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M92GS4M

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3876a2311f61c46b5cc2189ecfd647d3cb81b24a99b87997b2d1bd2bf0dc3144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 118213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 21:05:38 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf_3tkZAAAAANCervlhspo2uRQf44FMVO9nTWEM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Origin: https://scan.identityguard.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 11:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Apr 2025 11:29:10 GMT

GET
H2 200 5aU19_a8oxmIfLZcERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 137ms
51ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfLZcERySjQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078751117ee4d17e09b4d4ac5d9f7358bc4487cb94561df738c6ee000eeffb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://scan.identityguard.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 13:42:02 GMT
x-content-type-options: nosniff
age: 458616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16612
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 13:42:02 GMT

GET
H2 200 5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://scan.identityguard.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 21:33:58 GMT
x-content-type-options: nosniff
age: 257500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16216
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 21:33:58 GMT

GET
H2 200 5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
17 KB 175ms
90ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://scan.identityguard.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 20:24:05 GMT
x-content-type-options: nosniff
age: 520893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16788
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Apr 2025 20:24:05 GMT

GET
H2 200 service Show response
api.figleaf.online/ 1 KB
1014 B 527ms
408ms Fetch
application/json 18.66.122.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.figleaf.online/service

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/home.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-54.fra60.r.cloudfront.net

Software

Resource Hash

9515557035c3d4af20ed848ee45e7f8815f206954d0bdc994e46f757e82b5a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
strict-transport-security: max-age=315360000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://scan.identityguard.com
x-cache: Miss from cloudfront
x-amz-cf-id: UQFaHTMhri3YvAVOkPBq7P7pX107BOGjC8pGf4EAWgzHq_saZdQVOg==
x-xss-protection: 1; mode=block

POST event
events.figleafapp.com/ 0
0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame B23E 0
0 159ms
67ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_3tkZAAAAANCervlhspo2uRQf44FMVO9nTWEM&co=aHR0cHM6Ly9zY2FuLmlkZW50aXR5Z3VhcmQuY29tOjQ0Mw..&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=x4zni05lv2w6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kuJkKxMDoCtgabnNnmk3UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://scan.identityguard.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kuJkKxMDoCtgabnNnmk3UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 21:05:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
99 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N4N2SSKFKB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92GS4M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4b63a898b7c8d679d9fbb3a036c0e9be2fbd36047f48955b5d640effbe8697f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 21:05:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92GS4M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 19:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Apr 2024 21:48:08 GMT

GET
H2

200

loader.js Show response
wisepops.net/
Redirect Chain

https://loader.wisepops.com/get-loader.js?v=1&site=smTHcXyqGH
https://wisepops.net/loader.js?v=1&site=smTHcXyqGH

83 KB
28 KB

719ms
626ms

Script
text/javascript

2606:4700:20::ac43:4b99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/loader.js?v=1&site=smTHcXyqGH
Requested by: Host: scan.identityguard.com
URL: https://scan.identityguard.com/
Protocol: H2
Server: 2606:4700:20::ac43:4b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017cbf20f4de51f004321733c34fc52fd8106a2048e07499f15ee4bc27d0d63c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://scan.identityguard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Apr 2024 21:05:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 19:39:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sx0ao8w2YWBCwqmuPGNhXYu2e%2Beev%2FgmqXdUb9gTM9RFe9WgwpsOfrjR5z52ZDu1DbDE5G74ySCofz1veiY%2FWK7kGEK4lhctpkfCYqGiexk9z6XFEBz1F5NImDV2j24KHZhP7091bvNvQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=1800, s-maxage=3600
cf-ray: 87679d3a8e399732-FRA

Redirect headers

date: Thu, 18 Apr 2024 21:05:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1oIToKIqcD1ZkPZMk42yslwkOFLg1gz%2BreexYz9GJqTdHhTddJ7QflQWrwy5bYJjc%2BBEmxKAB0vWGFuqp7yMbqw%2Fg%2Bvg4ttjM8puU3kBT1Qy17CzL7jQhhavTSvXgXy5qz9HnyhqPAuxTLcNv%2B7fbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://wisepops.net/loader.js?v=1&site=smTHcXyqGH
cache-control: max-age=3600
cf-ray: 87679d39ac9571c1-FRA
content-length: 167
expires: Thu, 18 Apr 2024 22:05:38 GMT

GET
H2 200 A1259850-b83c-48e4-9387-c8d14c7597681.js Show response
d.impactradius-event.com/ 41 KB
16 KB 137ms
40ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A1259850-b83c-48e4-9387-c8d14c7597681.js
Requested by: Host: scan.identityguard.com
URL: https://scan.identityguard.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d6e89de11762fe59e3839888bff2cf214a3196f0fbb681c7c41c32087774100e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:01:39 GMT
content-encoding: gzip
age: 239
x-guploader-uploadid: ABPtcPrwcMzYg2c3YwqulQflsFxaGw_G9JGGEzDt0reRWISERsTm340TZp_fbRq0IfKe6HT8_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16058
last-modified: Fri, 22 Mar 2024 16:12:41 GMT
server: UploadServer
etag: "f94f5d10f8e8ded3b731159a93f122b9"
vary: Accept-Encoding
x-goog-generation: 1711123961134298
x-goog-hash: crc32c=M6nBcg==, md5=+U9dEPjo3tO3MRWak/EiuQ==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 16058
accept-ranges: bytes
expires: Thu, 18 Apr 2024 21:06:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 126ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Apr 2024 21:05:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: jToBDEEl0y0ZNfQbMrjoGnWPM23oSyk8U8sVR61TLb05kpMEpImMlJiN5kjOhKkSPBVauOhmdX56NzuZ+UIyTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 149ms
52ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: gzip
via: 1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P10
age: 109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 87679d39aae23a74-FRA
x-amz-cf-id: paTN7byaYU5yStFQSofQiKU6S2w3BbROvO_h9TWbm4GO40ti7S-C_A==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1069369214&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M92GS4M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

470cad41bb8c2b8ae27f8b1abf81a28f775a8f4772ca82f32efdba734acf7138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 21:05:38 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 182ms
70ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 18 Apr 2024 21:05:38 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EB2E3CCDC2F4DB58991A2DA8B7EE4B0 Ref B: FRA31EDGE0708 Ref C: 2024-04-18T21:05:38Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 130ms
43ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Thu, 18 Apr 2024 20:10:34 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: HGKE81JB2KS9ZFH0
age: 3305
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: uls7GWI6O8cevedJOhgDvSoit7w2BBobjkXTYhwR9roSvy6Z0njk4KUHPkPBIgUIlmGvz2d724cH0xZDSGnIiMvEsxnzW3moM9bhbh3nu7A=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 139ms
50ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N4N2SSKFKB&gtm=45je44f0v9101509996z8811179683za200&_p=1713474338246&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=448513940.1713474339&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713474338&sct=1&seg=0&dl=https%3A%2F%2Fscan.identityguard.com%2F&dt=Identity%20Guard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.clickid=empty&ep.trial_length=d2p&epn.enrollment_loaded=958&tfd=1109
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4N2SSKFKB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://scan.identityguard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10146987.json Show response
s.yimg.com/wi/config/ 2 B
484 B 228ms
142ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10146987.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: D3W35A1WHKHS0X2V
age: 3
content-length: 22
x-amz-id-2: kA+d8QZ3MDykIDsZcpF1zIx1erenflZp1Gpmrl61g1DSZ3QtqeBwNHCFpO0OmYHgjAsRyo47Djo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
150 B 47ms
46ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1785619242&t=pageview&_s=1&dl=https%3A%2F%2Fscan.identityguard.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Identity%20Guard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgEK~&jid=320156139&gjid=1167912629&cid=448513940.1713474339&tid=UA-84624907-1&_gid=1701689301.1713474339&_r=1&_slc=1&gtm=45He44f0n81M92GS4Mv811179683za200&cd17=23%3A05%3A38&cd18=empty&cd24=1713474338703&cd25=(not%20set)&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd15=448513940.1713474339&cd16=20240418%7C00942016&npa=1&z=2082845562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://scan.identityguard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1785619242&t=pageview&_s=1&dl=https%3A%2F%2Fscan.identityguard.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Identity%20Guard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgEKAC~&jid=&gjid=&cid=448513940.1713474339&tid=UA-84624907-1&_gid=1701689301.1713474339&gtm=45He44f0n81M92GS4Mv811179683za200&cd17=23%3A05%3A38&cd18=empty&cd24=1713474338708&cd25=(not%20set)&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd15=448513940.1713474339&cd16=20240418%7C00942016&npa=1&z=713389852

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 21:34:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84690
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 8563 Show response
identityguard.y8uw.net/xur/ 119 B
1010 B 193ms
55ms XHR
application/json 54.194.110.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://identityguard.y8uw.net/xur/8563
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A1259850-b83c-48e4-9387-c8d14c7597681.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.110.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-110-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d089645b31870f36166955acb33e8b316621fbc135832298e1fda8ca381dcd1f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://scan.identityguard.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 18 Apr 2024 21:04:21 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
496 B 312ms
220ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=252689739&u=https%3A%2F%2Fscan.identityguard.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

a156eefb029ece8a073b05605ec0d2cca00c9e43939eb33c7e30264575155ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 74
cf-ray: 87679d3ab9419118-FRA

GET
H2 204 4030206.js Show response
bat.bing.com/p/action/ 0
117 B 66ms
66ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4030206.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 18 Apr 2024 21:05:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B9B9C6467A9424F962EF639A1716A39 Ref B: FRA31EDGE0708 Ref C: 2024-04-18T21:05:38Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 146ms
146ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4030206&Ver=2&mid=83c4c841-fdbd-47b0-8039-2e2a963bc249&sid=68858e60fdc711ee881b8d0b266f8c65&vid=6885a2f0fdc711ee83e3c154de735068&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Identity%20Guard&p=https%3A%2F%2Fscan.identityguard.com%2F&r=&lt=665&evt=pageLoad&sv=1&rn=872068

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Apr 2024 21:05:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8650CEA47B984E95B011C7DE5A079FD6 Ref B: FRA31EDGE0708 Ref C: 2024-04-18T21:05:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
230 B 146ms
146ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=4030206&Ver=2&mid=83c4c841-fdbd-47b0-8039-2e2a963bc249&sid=68858e60fdc711ee881b8d0b266f8c65&vid=6885a2f0fdc711ee83e3c154de735068&vids=1&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Apr 2024 21:05:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71C8F36B935C48399C05D6FA950F3D3B Ref B: FRA31EDGE0708 Ref C: 2024-04-18T21:05:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2547517725517342 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 180ms
180ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2547517725517342?v=2.9.154&r=stable&domain=scan.identityguard.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66374c6e5e7bae30fe168dfa7eeedc8bdde2fa3d7c5c5ccaf01ef8e2732859ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Apr 2024 21:05:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=64, mss=1294, tbw=63213, tp=-1, tpl=-1, uplat=140, ullat=0
pragma: public
x-fb-debug: FTX5oCFaPJTB/lDCIoPXBHgCaDFA/7v1/3iWvFG0/ZzbWb/XjlYJ2qZpUQ6FtlHHkMa81oTjbnApKRdqF9QlVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.ojrq.net/p/ 50 B
457 B 140ms
51ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=8563&tpsync=no&auth=
Requested by: Host: scan.identityguard.com
URL: https://scan.identityguard.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Thu, 18 Apr 2024 21:05:39 GMT

POST
H2 204 8563
identityguard.y8uw.net/cur/ 0
681 B 54ms
53ms Ping
text/plain 54.194.110.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://identityguard.y8uw.net/cur/8563
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A1259850-b83c-48e4-9387-c8d14c7597681.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.110.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-110-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

expires: Thu, 18 Apr 2024 21:04:22 GMT
pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
464 B 252ms
57ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2018%20Apr%202024%2021%3A05%3A39%20GMT&n=-2d&b=Identity%20Guard&.yp=10146987&f=https%3A%2F%2Fscan.identityguard.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 18 Apr 2024 21:05:39 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 253ms
58ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Identity%20Guard&.yp=10146987&f=https%3A%2F%2Fscan.identityguard.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 18 Apr 2024 21:05:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 200ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2547517725517342&ev=PageView&dl=https%3A%2F%2Fscan.identityguard.com%2F&rl=&if=false&ts=1713474339122&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713474339121.1249583383&cs_est=true&ler=empty&cdl=API_unavailable&it=1713474338930&coo=false&rqm=GET

Requested by

Host: scan.identityguard.com
URL: https://scan.identityguard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Apr 2024 21:05:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 252ms
158ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=252689739&prismid=83d34a81-2974-4d9e-a1b5-9e2c2e0baaca&url=https%3A%2F%2Fscan.identityguard.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 11
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 87679d3cbf27bbdd-FRA
content-length: 0

POST
H2 200 id Show response
wisepops.net/ 111 B
595 B 242ms
156ms Fetch
application/json 2606:4700:20::ac43:4b99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/id?h=smTHcXyqGH&vid=&eid=
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=smTHcXyqGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c85d29b5cda981b97f416b01ee20b769884a95cee7676b1d29732559b7492a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Apr 2024 21:05:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIzkXkJMRwp4L%2BqebNMOkB72sWWDl9%2BnVT3TeTq%2F6ZTNn6aSEtcPSNAFXvd74C4U%2BJBjT%2F8DiemJs1BErIxj%2Bvx70pSQrlCWLiOZwwl7gPo0l0xayyokfiINOMcmZKA4WXU9wgDnmqLGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
access-control-allow-origin: *
content-type: application/json
cf-ray: 87679d3f1c416943-FRA
access-control-allow-headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 49ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N4N2SSKFKB&gtm=45je44f0v9101509996za200&_p=1713474338246&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=448513940.1713474339&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713474338&sct=1&seg=0&dl=https%3A%2F%2Fscan.identityguard.com%2F&dt=Identity%20Guard&en=scroll&ep.clickid=empty&ep.trial_length=d2p&epn.enrollment_loaded=958&epn.percent_scrolled=90&_et=7&tfd=1858
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4N2SSKFKB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 21:05:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://scan.identityguard.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
41ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1785619242&t=event&ni=1&_s=1&dl=https%3A%2F%2Fscan.identityguard.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Identity%20Guard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loading&ea=window_loaded&el=896&_u=aADAAEABAAAAACgEKAC~&jid=&gjid=&cid=448513940.1713474339&tid=UA-84624907-1&_gid=1701689301.1713474339&gtm=45He44f0n81M92GS4Mv811179683za200&cd17=23%3A05%3A39&cd18=empty&cd22=1713474338693&cd23=896&cd24=1713474339590&cd25=(not%20set)&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd15=448513940.1713474339&cd16=20240418%7C00942016&npa=1&z=434545170

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 01:28:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-32x32.png
scan.identityguard.com/images/favicons/ 1 KB
2 KB 70ms
70ms Other
image/png 143.204.98.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scan.identityguard.com/images/favicons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-12.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30214cc0edaef2f6968133b640aaf766ec95d744b11ecb1fea7ff2657e55e861

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 20:45:56 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-request-id: Z7MWWDWJMXRXSC9K
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
age: 1184
x-cache: Hit from cloudfront
content-length: 1159
x-amz-id-2: 6E39S/7fkOi8ij0nSD6VUVUcxz5tpMNsYFTN55zsgMeKsqI0lR1ezH3+I9vvrhmtxDH74b7OAaE=
last-modified: Fri, 18 Aug 2023 09:08:59 GMT
server: AmazonS3
etag: "e0a202a3e492fa9717dfe0250886fedb"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: l-NctrIXRJfD6imYhJFz0-kWUhKOhdWziHU9MxxnqR9s8f5WjTIl5A==

POST my-wisepop
wisepops.net/ 0
0

POST
H2 200 my-wisepop Show response
wisepops.net/ 245 B
542 B 243ms
243ms XHR
application/json 2606:4700:20::ac43:4b99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=smTHcXyqGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1c8e7ce2aebe70369f0d8f3a25a37273ec5af0857221d9e7321eee8246a9ed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://scan.identityguard.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:05:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, POST, GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hfoLi%2BPOaGp0Mwi40qu95Icg9jzrcSpMBkLKUFzK9vuN8T9a36ChuhMb1iOPmAWUFLl9HRtSXTG3J%2BH39miUIQ46kmtf5aJGQlucOuxt6nPpU4uo8qmxL%2F2JH32MBMnarasyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-store
x-cloud-trace-context: 8838070402db267cec769641aa5d03ef
cf-ray: 87679d402d186943-FRA
access-control-allow-headers: *

POST
H2 200 /
activity.wisepops.com/ 0
0 164ms
164ms Fetch 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.23&site=smTHcXyqGH
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=smTHcXyqGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://scan.identityguard.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Apr 2024 21:05:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7Sgd8TN3shKwBp4SPCCZIxDqDLMz7zTxMdTiw9BTHCPYyAqbSHgrSmQkPUveHHYXvzShxRFp%2BN5bu8dFgNuuhsMryQEbtUFTxaRnfGCXPD0v%2Bh9LmkYyUqbHB7%2FRGs2nvihJjM9KbxroPyrN0VxG3c%2Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 87679d490c9e718b-FRA
content-length: 0

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 426ms
166ms Preflight 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.23&site=smTHcXyqGH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://scan.identityguard.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 87679d480b54718b-FRA
content-length: 0
date: Thu, 18 Apr 2024 21:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HV%2FMz9PKJZjhPmS4unDOaLvnQ%2BtH1ekD4kKuu2nlXhOAJRiBNDgcFbLKCFfA8pgElqWMZSQfd8fvUTeQs0tY9YZoqYTGh1EDQQAENqr%2F9Vw77K7FWWoPJ86sbQL5JnJwi5z8tGdVFBGtQxzu2Y2OMAbQWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: events.figleafapp.com
URL: https://events.figleafapp.com/event

Domain: wisepops.net
URL: https://wisepops.net/my-wisepop

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scan.identityguard.com/	1969-12-31 23:59:59	Name: pageviewCount Value: 1
.identityguard.com/	1970-01-20 22:07:30	Name: _gcl_au Value: 1.1.1431549314.1713474339
.scan.identityguard.com/	1969-12-31 23:59:59	Name: originalLocation Value: https://scan.identityguard.com/
.identityguard.com/	1970-01-21 05:33:54	Name: _ga Value: GA1.2.448513940.1713474339
.identityguard.com/	1970-01-20 19:59:20	Name: _gid Value: GA1.2.1701689301.1713474339
.scan.identityguard.com/	1970-01-20 19:57:56	Name: _gaclientid Value: 448513940.1713474339
.scan.identityguard.com/	1970-01-20 19:57:56	Name: _gasessionid Value: 20240418\|00942016
.identityguard.com/	1970-01-20 19:57:54	Name: _gat_UA-84624907-1 Value: 1
.identityguard.com/	1969-12-31 23:59:59	Name: IR_gbd Value: identityguard.com
.identityguard.com/	1969-12-31 23:59:59	Name: IR_8563 Value: 1713474338874%7C0%7C1713474338874%7C%7C
.identityguard.com/	1970-01-20 19:59:20	Name: _uetsid Value: 68858e60fdc711ee881b8d0b266f8c65
.identityguard.com/	1970-01-21 05:19:30	Name: _uetvid Value: 6885a2f0fdc711ee83e3c154de735068
.bing.com/	1970-01-21 05:19:30	Name: MUID Value: 29B5A1419F896D770EF5B5249E256C2D
.y8uw.net/	1970-01-21 05:33:54	Name: brwsr Value: 3aac8d5f-fdc7-11ee-94a5-79ff8148c1f1
.y8uw.net/	1970-01-20 19:59:20	Name: irtps Value: 1
.identityguard.com/	1970-01-21 05:33:54	Name: IR_PI Value: 3aac8d5f-fdc7-11ee-94a5-79ff8148c1f1%7C1713474338874
.identityguard.com/	1970-01-20 22:07:30	Name: _fbp Value: fb.1.1713474339121.1249583383
identityguard.y8uw.net/	1970-01-20 20:07:59	Name: AWSALBCORS Value: KMxEVmcZmXu1IvyQaRSRUxfGFoM8s6SZ9jGBUIJTIrwmWTN77Dxoy2tR2+D8QGpGwdMYlgWfEO3o8+MLva+sxtIvCt/KGXw9zG97UVNsWCNxfg1v7Kl3QO9W8J1W
prism.app-us1.com/	1970-01-20 20:41:06	Name: prism_252689739 Value: 83d34a81-2974-4d9e-a1b5-9e2c2e0baaca
.identityguard.com/	1970-01-20 20:41:06	Name: prism_252689739 Value: 83d34a81-2974-4d9e-a1b5-9e2c2e0baaca
.ojrq.net/	1970-01-21 05:33:54	Name: brwsr Value: 68b31599-fdc7-11ee-a284-7bd3fe07d428
.identityguard.com/	1970-01-21 05:33:54	Name: wisepops Value: %7B%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A43%2C%22cid%22%3A%2248157%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.scan.identityguard.com/	1970-01-20 19:57:56	Name: _gahitid Value: 23:05:39
.identityguard.com/	1970-01-21 05:33:54	Name: _ga_N4N2SSKFKB Value: GS1.1.1713474338.1.0.1713474339.0.0.0
.identityguard.com/	1970-01-21 05:33:54	Name: wisepops_visitor Value: %7B%22smTHcXyqGH%22%3A%22f9a4122d-cdac-4449-948e-5c875a079e77%22%7D
.identityguard.com/	1970-01-21 05:33:54	Name: wisepops_visits Value: %5B%222024-04-18T21%3A05%3A38.705Z%22%5D
.identityguard.com/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222024-04-18T21%3A05%3A38.705Z%22%2C%22mtime%22%3A1713474339839%2C%22pageviews%22%3A2%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://scan.identityguard.com/ Message: Access to fetch at 'https://events.figleafapp.com/event' from origin 'https://scan.identityguard.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://events.figleafapp.com/event Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/2547517725517342?v=2.9.154&r=stable&domain=scan.identityguard.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scan.identityguard.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.wisepops.com
api.figleaf.online
bat.bing.com
connect.facebook.net
d.impactradius-event.com
diffuser-cdn.app-us1.com
events.figleafapp.com
fonts.googleapis.com
fonts.gstatic.com
identityguard.y8uw.net
loader.wisepops.com
prism.app-us1.com
region1.google-analytics.com
s.yimg.com
scan.identityguard.com
sp.analytics.yahoo.com
trackcmp.net
wisepops.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.ojrq.net
events.figleafapp.com
wisepops.net
142.250.185.196
142.250.74.206
143.204.98.12
18.66.122.54
2001:4860:4802:32::36
212.82.100.181
2606:4700:20::681a:b13
2606:4700:20::ac43:4b99
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2606:4700::6812:80d8
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:813::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:830::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.95.127.121
35.186.249.72
54.194.110.229
017cbf20f4de51f004321733c34fc52fd8106a2048e07499f15ee4bc27d0d63c
078751117ee4d17e09b4d4ac5d9f7358bc4487cb94561df738c6ee000eeffb4d
0e1c8e7ce2aebe70369f0d8f3a25a37273ec5af0857221d9e7321eee8246a9ed
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
30214cc0edaef2f6968133b640aaf766ec95d744b11ecb1fea7ff2657e55e861
37510e1da4273ba638b3292766c95bffb809eec0ffb0e03c65ce5db7dc18a4db
3876a2311f61c46b5cc2189ecfd647d3cb81b24a99b87997b2d1bd2bf0dc3144
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448d148959ef2e3aebecb0805ec53e7de9b57ad8aefe74c95090908a1c8f0e09
470cad41bb8c2b8ae27f8b1abf81a28f775a8f4772ca82f32efdba734acf7138
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
66374c6e5e7bae30fe168dfa7eeedc8bdde2fa3d7c5c5ccaf01ef8e2732859ac
7c85d29b5cda981b97f416b01ee20b769884a95cee7676b1d29732559b7492a3
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
9515557035c3d4af20ed848ee45e7f8815f206954d0bdc994e46f757e82b5a19
a156eefb029ece8a073b05605ec0d2cca00c9e43939eb33c7e30264575155ade
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
d06715d4139a3879961b0674d6ab713848cebe48df903b34f52e2b5a9461d249
d089645b31870f36166955acb33e8b316621fbc135832298e1fda8ca381dcd1f
d6e89de11762fe59e3839888bff2cf214a3196f0fbb681c7c41c32087774100e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
f4b63a898b7c8d679d9fbb3a036c0e9be2fbd36047f48955b5d640effbe8697f
f60e7d02599d466e44fc82fb32700630b19b41a24fa946d1b8f17a71432b7c28

scan.identityguard.com Open in urlscan Pro 143.204.98.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

65 %IPv6

20 Domains

24 Subdomains

24 IPs

4 Countries

815 kBTransfer

2374 kBSize

27 Cookies

3 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

scan.identityguard.com Open in urlscan Pro
143.204.98.12 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

65 %
IPv6

20
Domains

24
Subdomains

24
IPs

4
Countries

815 kB
Transfer

2374 kB
Size

27
Cookies

45 HTTP transactions
0 data transactions