network.channelbytes.com Open in urlscan Pro
2606:4700:3030::6812:2e0f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://network.channelbytes.com/nexum/shape/credential-stuffing/
Submission: On August 24 via manual (August 24th 2020, 8:06:43 pm UTC) from US

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 33 domains to perform 91 HTTP transactions. The main IP is 2606:4700:3030::6812:2e0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is network.channelbytes.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 28th 2019. Valid for: a year.

This is the only time network.channelbytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3030::6812:2e0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.226.155.103 13.226.155.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:5a6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.226.155.84 13.226.155.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
18	13.226.156.176 13.226.156.176	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1	92.122.252.43 92.122.252.43	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.186.88 13.224.186.88	16509 (AMAZON-02) (AMAZON-02)
2	52.203.155.177 52.203.155.177	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.192.65 151.101.192.65	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	34.224.248.58 34.224.248.58	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
3	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:ff58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2600:9000:218... 2600:9000:2182:4800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 9	52.51.60.151 52.51.60.151	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.33.1.59 63.33.1.59	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	52.7.90.251 52.7.90.251	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
91	38

3 2606:4700:3030::6812:2e0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

network.channelbytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.155.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-103.dus51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:5a6d (United States)

ASN13335 (CLOUDFLARENET, US)

reelaxis.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.155.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-84.dus51.r.cloudfront.net

assets.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.226.156.176 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-176.dus51.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.252.43 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-43.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-88.fra2.r.cloudfront.net

d3rxaij56vjege.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.155.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-155-177.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.65 (United States)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.248.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-248-58.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:915b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:ff58 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.51.60.151 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.1.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-1-59.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.90.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-90-251.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cloudfront.net d9hhrg4mnvzow.cloudfront.net d3rxaij56vjege.cloudfront.net	708 KB
10	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co	4 KB
7	google-analytics.com www.google-analytics.com	36 KB
6	gstatic.com fonts.gstatic.com	61 KB
5	termly.io app.termly.io	41 KB
4	facebook.com www.facebook.com	677 B
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	72 KB
4	ub-analytics.com assets.ub-analytics.com events.ub-analytics.com	35 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	app-us1.com 1 redirects prism.app-us1.com diffuser-cdn.app-us1.com	6 KB
3	facebook.net connect.facebook.net	300 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	50 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
3	channelbytes.com 1 redirects network.channelbytes.com	13 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
2	openx.net 1 redirects us-u.openx.net	473 B
2	bing.com bat.bing.com	8 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	trackcmp.net trackcmp.net	670 B
2	googletagmanager.com www.googletagmanager.com	78 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects ads.yahoo.com	477 B
1	twitter.com analytics.twitter.com	574 B
1	reddit.com alb.reddit.com	212 B
1	quantcount.com rules.quantcount.com	358 B
1	licdn.com snap.licdn.com	2 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	marinsm.com tag.marinsm.com	4 KB
1	unsplash.com views.unsplash.com
1	activehosted.com reelaxis.activehosted.com	6 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
91	33

	Domain	Requested by
18	d9hhrg4mnvzow.cloudfront.net	network.channelbytes.com
9	pixel-geo.prfct.co	6 redirects
7	www.google-analytics.com	network.channelbytes.com www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com
5	app.termly.io	network.channelbytes.com app.termly.io
4	www.facebook.com
3	connect.facebook.net	network.channelbytes.com connect.facebook.net
3	assets.ub-analytics.com	ajax.cloudflare.com assets.ub-analytics.com
3	builder-assets.unbounce.com	network.channelbytes.com ajax.cloudflare.com
3	network.channelbytes.com	1 redirects network.channelbytes.com
2	secure.adnxs.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	px.ads.linkedin.com	1 redirects
2	prism.app-us1.com	1 redirects prism.app-us1.com
2	bat.bing.com	network.channelbytes.com
2	trackcmp.net	network.channelbytes.com prism.app-us1.com
2	www.googletagmanager.com	ajax.cloudflare.com network.channelbytes.com
2	ajax.googleapis.com	ajax.cloudflare.com
1	pixel.quantserve.com
1	pixel.rubiconproject.com
1	pixel.prfct.co
1	ads.yahoo.com	1 redirects
1	analytics.twitter.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	alb.reddit.com
1	www.linkedin.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	amplifypixel.outbrain.com
1	tr.outbrain.com
1	diffuser-cdn.app-us1.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	events.ub-analytics.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	tag.marinsm.com	network.channelbytes.com
1	d3rxaij56vjege.cloudfront.net	reelaxis.activehosted.com
1	amplify.outbrain.com	network.channelbytes.com
1	views.unsplash.com	network.channelbytes.com
1	reelaxis.activehosted.com	ajax.cloudflare.com
1	ajax.cloudflare.com	network.channelbytes.com
91	45

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-28` - `2020-09-27`	a year	crt.sh
*.unbounce.com Amazon	`2020-04-08` - `2021-05-08`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
ssl763678.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.ub-analytics.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.trackcmp.net Amazon	`2020-03-31` - `2021-04-30`	a year	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2020-08-14` - `2021-07-11`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
www.redditstatic.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
app.termly.io Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2021-05-12`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
*.hotjar.com Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Frame ID: 28081E69C8D076DEAA137409C1533377
Requests: 89 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5F38D3C3DE96FA13C1DC72513CB88EEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://network.channelbytes.com/nexum/shape/credential-stuffing HTTP 301
https://network.channelbytes.com/nexum/shape/credential-stuffing/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

91
Requests

99 %
HTTPS

51 %
IPv6

33
Domains

45
Subdomains

38
IPs

6
Countries

1488 kB
Transfer

3411 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://network.channelbytes.com/nexum/shape/credential-stuffing HTTP 301
https://network.channelbytes.com/nexum/shape/credential-stuffing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://prism.app-us1.com/prism.js HTTP 301
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1296329%26url%3Dhttps%253A%252F%252Fnetwork.channelbytes.com%252Fnexum%252Fshape%252Fcredential-stuffing%252F%26time%3D1598299587075%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075&liSync=true

Request Chain 68

https://pixel-geo.prfct.co/tagjs?a_id=87427&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=87427&source=js_tag

Request Chain 81

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_uqUjhZhRXEva3e3TT

Request Chain 82

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_uqUjhZhRXEva3e3TT&sigv=1&esig=2~48a3861595e4888992534a50af394b7823a5123b HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_uqUjhZhRXEva3e3TT

Request Chain 83

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_uqUjhZhRXEva3e3TT HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_uqUjhZhRXEva3e3TT

Request Chain 84

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_uqUjhZhRXEva3e3TT

Request Chain 85

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfdXFVamhaaFJYRXZhM2UzVFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfdXFVamhaaFJYRXZhM2UzVFQ&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 87

https://secure.adnxs.com/seg?t=2&add=15617219 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D15617219

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
network.channelbytes.com/nexum/shape/credential-stuffing/
Redirect Chain

https://network.channelbytes.com/nexum/shape/credential-stuffing
https://network.channelbytes.com/nexum/shape/credential-stuffing/

97 KB
12 KB

34ms
33ms

Document
text/html

2606:4700:3030::6812:2e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:2e0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc62193b5bbc429377f351574e2d1b0d62cb3e896affb803ac50fccd543a79bf

Request headers

:method: GET
:authority: network.channelbytes.com
:scheme: https
:path: /nexum/shape/credential-stuffing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=de839f18f8ce1ef581aea063b99ee929e1598299586
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 20:06:26 GMT
content-type: text/html; charset=UTF-8
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 4dd3491d-9a7b-4037-9945-7564794c63f6
content-location: https://network.channelbytes.com/nexum/shape/credential-stuffing/
x-unbounce-visitorid: 162.158.91.2281598738005282819
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
x-unbounce-variant: b
link: <https://network.channelbytes.com/nexum/shape/credential-stuffing/>; rel="canonical"
set-cookie: ubpv=b%2C4dd3491d-9a7b-4037-9945-7564794c63f6; Max-Age=15897600; Expires=Wed, 24 Feb 2021 20:06:26 GMT; Path=/nexum/shape/credential-stuffing/ ubrs=weighted; Path=/nexum/shape/credential-stuffing/ ubvs=162.158.91.2281598738005282819; Max-Age=15552000; Expires=Sat, 20 Feb 2021 20:06:26 GMT; Path=/ ubvt=162.158.91.2281598738005282819; Max-Age=259200; Expires=Thu, 27 Aug 2020 20:06:26 GMT; Path=/; Domain=channelbytes.com
x-proxy-backend: page-server
cf-cache-status: DYNAMIC
cf-request-id: 04c3ad56170000c28151837200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7fb19cfc20c281-FRA
content-encoding: br

Redirect headers

status: 301
date: Mon, 24 Aug 2020 20:06:26 GMT
content-length: 0
set-cookie: __cfduid=de839f18f8ce1ef581aea063b99ee929e1598299586; expires=Wed, 23-Sep-20 20:06:26 GMT; path=/; domain=.channelbytes.com; HttpOnly; SameSite=Lax; Secure
p3p: CP="This is not a privacy policy."
location: https://network.channelbytes.com/nexum/shape/credential-stuffing/
x-proxy-backend: page-server
cf-cache-status: DYNAMIC
cf-request-id: 04c3ad55dc0000c28151831200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7fb19c9b38c281-FRA

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 172ms
57ms Stylesheet
text/css 13.226.155.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 02:16:13 GMT
content-encoding: gzip
age: 3606614
x-cache: Hit from cloudfront
status: 200
content-length: 2902
last-modified: Tue, 30 Jun 2020 22:29:58 GMT
server: AmazonS3
etag: "470c7d8905ed465c552f0361fd5de76d"
x-amz-version-id: KDnUy4xU7kdqjpL5piAcFBu46aobu9N8
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: 2tMYfz2mL5kOGN-bsb1yIH6azLmX8Z4l6ORhw1hxCUKZrcfOnf1uyw==

GET
H2 200 email-decode.min.js Show response
network.channelbytes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
870 B 9ms
8ms Script
application/javascript 2606:4700:3030::6812:2e0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://network.channelbytes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:2e0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 17 Aug 2020 17:01:45 GMT
server: cloudflare
etag: W/"5f3ab7f9-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5c7fb19d3cd7c281-FRA
cf-request-id: 04c3ad56430000c2815183c200000001
expires: Wed, 26 Aug 2020 20:06:26 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 17 Aug 2020 17:01:45 GMT
server: cloudflare
etag: W/"5f3ab7f9-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5c7fb19d3b67c2a4-FRA
cf-request-id: 04c3ad56470000c2a454003200000001
expires: Wed, 26 Aug 2020 20:06:26 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 69ms
66ms Script
application/javascript 13.226.155.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 02:35:24 GMT
content-encoding: gzip
age: 3432662
x-cache: Hit from cloudfront
status: 200
content-length: 33645
last-modified: Tue, 30 Jun 2020 22:29:52 GMT
server: AmazonS3
etag: "9dc8d28a27df65c315929b66c95d2899"
x-amz-version-id: 4zHh0ApgwVuCoJPlJAskimjqGXMeeR4f
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: HF_2WQfUb8WbcAm_AyFGkoay-3sC8fdaKsVZiUGVCmT98Gu5KAu0_A==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39519
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Aug 2021 09:07:47 GMT

GET
H2 200 embed.php Show response
reelaxis.activehosted.com/f/ 23 KB
6 KB 230ms
203ms Script
text/javascript 2606:4700::6811:5a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reelaxis.activehosted.com/f/embed.php?id=381
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 682771e18246aec081438e0c0428b3db4275c649f095be2ed03a3a5c285fb843

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5c7fb19e7abd1f19-FRA
cf-request-id: 04c3ad570c00001f192387b200000001
x-request-id: 813de593d04cf0d8267a6c377c1203f4
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ub.js Show response
assets.ub-analytics.com/ 6 KB
2 KB 165ms
52ms Script
application/javascript 13.226.155.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ub-analytics.com/ub.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33182948e9715ac7fd11c9366c04f76f2f6efa3f3c4ae01da2886fa97b95db1e

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 22 Aug 2020 23:31:33 GMT
content-encoding: gzip
age: 160494
x-cache: Hit from cloudfront
status: 200
content-length: 2067
last-modified: Mon, 10 Aug 2020 22:15:06 GMT
server: AmazonS3
etag: "73cfb60ef10d55ee9b32acd75c524a10"
x-amz-version-id: xNPsSRnrUwU0fTCse5b3wlFYgUhneBOQ
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: max-age=31536000; must-revalidate
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: N_bPrhvk_3NnjJOuOPrcz97BfaUHwMAaaOTrfFU_QvakepKScHqtFg==

GET
H2 200 ub.js Show response
assets.ub-analytics.com/ 6 KB
2 KB 165ms
52ms Script
application/javascript 13.226.155.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ub-analytics.com/ub.js?1597177540
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33182948e9715ac7fd11c9366c04f76f2f6efa3f3c4ae01da2886fa97b95db1e

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 00:24:50 GMT
content-encoding: gzip
age: 675697
x-cache: Hit from cloudfront
status: 200
content-length: 2067
last-modified: Mon, 10 Aug 2020 22:15:06 GMT
server: AmazonS3
etag: "73cfb60ef10d55ee9b32acd75c524a10"
x-amz-version-id: xNPsSRnrUwU0fTCse5b3wlFYgUhneBOQ
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: max-age=31536000; must-revalidate
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8wtkMdqRMZZ5dDHUK72sdjwPsnHo5bOEXYESjLHjd3OUoWODiQ_j9A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-124418712-56

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73de9659a327b26997032050c73b196859b3fa4bac10e894ce659ed0eb615765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35808
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Aug 2020 20:06:26 GMT

GET
H2 200 jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 68ms
66ms Script
application/javascript 13.226.155.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 02:03:35 GMT
content-encoding: gzip
age: 1015372
x-cache: Hit from cloudfront
status: 200
content-length: 1993
last-modified: Tue, 30 Jun 2020 22:29:52 GMT
server: AmazonS3
etag: "ccdd40cac1be8f93db3910b69d708a4f"
x-amz-version-id: uV0Nf9jsdUuL2abthavd_N_exvT.UwJD
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Kbg584N7Ji_dt94D3HIdgQdb4jAQRxQpAbAXkGi6x3HaQE0tK3s70A==

GET
H2 200 tuv4dy-1140-gride_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 166ms
54ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/tuv4dy-1140-gride_1000000000000000000028.png
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f62a727a558bad16bd82f19211814907cff1c63041e952cb0e04bbc794d63c90

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:49 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4538
etag: "4d223083c4f852d90ff245c57a093eb8"
x-cache: Hit from cloudfront
x-amz-version-id: UQukMYKkri5zPRWnyq8lp_yTuoZ7KTi6
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1526
x-amz-cf-id: r0QXhTgodezISwzTl_mEkst4715dx-yiQlu8qPhdnCTDWUhWcjkbdg==

GET
H2 200 fdf8e5ca-header-red_11hc0xh00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 35 KB
35 KB 181ms
70ms Image
image/jpeg 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/fdf8e5ca-header-red_11hc0xh00000000000001o.jpg
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9681906d328f778d4364e650104471024fca37c8932d298f620cf85696f9ac69

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:49 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4538
etag: "3c81b92b6f947f8d79947a928b7c96ef"
x-cache: Hit from cloudfront
x-amz-version-id: SW9iaapdsHHE3JYx1gaIOeIEFPEtOHiL
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 35592
x-amz-cf-id: XpFWutkCuqziM4APOoNiexBdJCUDzvNvyOFNNphfcuwy-DDKV66TEA==

GET
H2 200 c3b1e3fc-noisebackground_100000015o08s0000gg028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 132 KB
133 KB 254ms
144ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/c3b1e3fc-noisebackground_100000015o08s0000gg028.png
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78e7ba05e12e02d85f77b162e7552e9ad357f44ff70c097e6f2aa77f771d86ea

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:49 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4538
etag: "2994950826b02b6b93613b0f175d6077"
x-cache: Hit from cloudfront
x-amz-version-id: FdXpSMiNbXjKEPLzy0ESlsiWm.UOuw0h
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 135403
x-amz-cf-id: QvnanDeqciS88fU7NnwUJ6JlKd1-fdhHGBfQq7qT6LxED_FzFkM3-A==

GET
H2 200 c3b1e3fc-noisebackground_100000015o0ro00006z028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 413 KB
414 KB 203ms
93ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/c3b1e3fc-noisebackground_100000015o0ro00006z028.png
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 380b6e0187acc7bdbb355fc42dd22cd8e187965053d14fc99a4126d52b23bbe4

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:49 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4538
etag: "719fe7d8420f3d620e1a5cdbe077030f"
x-cache: Hit from cloudfront
x-amz-version-id: 11904S30kibe5wSMLB8QQxJjlW8vyLF3
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 422549
x-amz-cf-id: n2q4CTMInpE16X0AxozRLJKwzWjyFQF59RXDVIQsQYWYWDfWKFdz7Q==

GET
H2 200 3c89111a-unsplash-5qgiuubxkwm-gaining-a-deep-understanding-the-problems-that-cus_11hc0zk1hc0n600006701o.jpg
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 97 KB
97 KB 237ms
127ms Image
image/jpeg 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/3c89111a-unsplash-5qgiuubxkwm-gaining-a-deep-understanding-the-problems-that-cus_11hc0zk1hc0n600006701o.jpg
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce17defa1168d9e848302fefe1cac1f4c5c7714f8c95b770b335784a5ebe8bb4

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:49 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4538
etag: "181f16a0a99c7b4d441066e37793842b"
x-cache: Hit from cloudfront
x-amz-version-id: M7gDg0jct_MOG7_Tl_sambwZ94R62YKC
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 98894
x-amz-cf-id: B4gcq2tM3qz6mTnMFznECWOnSLusmJVspbHm5sw_Afc1DVUz6pN8KQ==

GET
H2 200 v
views.unsplash.com/ 0
0 124ms
40ms Image
application/json 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=5qgiuubxkwm
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 265ms
99ms Script
application/x-javascript 92.122.252.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.252.43 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ce4d3d4c8613f72679c0acc5e9bf7d968d8028272ffa7a67089f82b09e30f2f6

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 20:06:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:22:13 GMT
Server: AkamaiNetStorage
ETag: "b00f427e3a9569aad2b73bf96a32dce4:1598278933.821616"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2693
Expires: Mon, 24 Aug 2020 20:26:26 GMT

GET
H/2+Q/46 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5565
date: Mon, 24 Aug 2020 18:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 24 Aug 2020 20:33:41 GMT

GET
H/2+Q/46 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
43 KB 93ms
78ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8f55c9956bef0bc13cad72da8afeded91a945a5f9da98a082b46eccc45700dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43688
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Aug 2020 20:06:26 GMT

GET
H2 200 sp-2.14.0.js Show response
assets.ub-analytics.com/ 98 KB
30 KB 64ms
64ms Script
application/javascript 13.226.155.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ub-analytics.com/sp-2.14.0.js
Requested by: Host: assets.ub-analytics.com
URL: https://assets.ub-analytics.com/ub.js?1597177540
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 23:58:16 GMT
content-encoding: gzip
age: 504490
x-cache: Hit from cloudfront
status: 200
content-length: 30399
last-modified: Mon, 10 Aug 2020 16:38:07 GMT
server: AmazonS3
etag: "8ba0854cfc77fc805dad68834d087ceb"
x-amz-version-id: 1cJ_KgGUMQKF.rOFFJhj7mtqvBAcV9IH
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: UjqZBaDsoQt2sRhsvrgSZ3xlsJjaW4PRZq6k89pMiMKmcKKypTT9Ww==

GET
H/1.1 200
OK serialize.min.js Show response
d3rxaij56vjege.cloudfront.net/form-serialize/0.3/ 1 KB
2 KB 255ms
98ms Script
application/javascript 13.224.186.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rxaij56vjege.cloudfront.net/form-serialize/0.3/serialize.min.js
Requested by: Host: reelaxis.activehosted.com
URL: https://reelaxis.activehosted.com/f/embed.php?id=381
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 00:38:06 GMT
Via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 Nov 2015 22:04:54 GMT
Server: AmazonS3
Age: 70101
ETag: "7d3e5f83849d8d66381fd41ac97eb5a1"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 1197
X-Amz-Cf-Id: iOVUGq2579ZxcmyauS1Cmmi0s5tHqTFDMZaq1jsu0HYFf6KbJnAF9w==

GET
H/2+Q/46 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 57ms
44ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39519
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Aug 2021 09:07:47 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/r/ 35 B
56 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=474291712&t=pageview&_s=1&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&dp=%2Fnexum%2Fshape%2Fcredential-stuffing%2Fb&ul=en-us&de=UTF-8&dt=Nexum%20-%20Shape%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1843290980&gjid=292024514&cid=677374692.1598299587&tid=UA-124418712-1&_gid=1273860261.1598299587&_r=1&z=1419447350

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/r/ 35 B
79 B 14ms
13ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=474291712&t=pageview&_s=1&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&ul=en-us&de=UTF-8&dt=Nexum%20-%20Shape%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=171181549&gjid=980625218&cid=677374692.1598299587&tid=UA-124418712-56&_gid=1273860261.1598299587&_r=1&gtm=2ou8c0&z=1335484566

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 visit Show response
trackcmp.net/ 0
391 B 489ms
214ms Script
text/javascript 52.203.155.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=25613800&e=&r=&u=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.155.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-155-177.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
server: Apache/2.4.43 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
status: 200
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H/1.1 200
OK 5beca577d81959ea810000af.js Show response
tag.marinsm.com/serve/ 11 KB
4 KB 414ms
245ms Script
text/javascript 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5beca577d81959ea810000af.js

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

eeb5917a143c49dfc0ded22029e640b3bad6f5703bf400c3979333b0571251bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 20:06:27 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3695
X-Served-By: cache-hhn4063-HHN
Server: Cowboy
X-Timer: S1598299587.878867,VS0,VE206
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
BLOB 200
OK 82ef974f-07ba-4ff4-9c8c-af352c38525c
https://network.channelbytes.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://network.channelbytes.com/82ef974f-07ba-4ff4-9c8c-af352c38525c
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H/2+Q/46 200 css
fonts.googleapis.com/ 14 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a10871f6cc0f37eb9af0c779c813ca20908e2307c721d0a2b3fd2104f4498d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 20:06:26 GMT
server: ESF
date: Mon, 24 Aug 2020 20:06:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Aug 2020 20:06:26 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=474291712&t=timing&_s=2&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&ul=en-us&de=UTF-8&dt=Nexum%20-%20Shape%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=604&pdt=1&dns=0&rrt=91&srt=33&tcp=0&dit=307&clt=311&_gst=611&_gbt=690&_cst=610&_cbt=615&_u=IEDAAUAB~&jid=&gjid=&cid=677374692.1598299587&tid=UA-124418712-1&_gid=1273860261.1598299587&z=1229576211

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 05:18:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1522085
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
326 B 416ms
134ms Image
image/gif 34.224.248.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1598299586792&e=pv&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&page=Nexum%20-%20Shape%20Defense&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=c18c4f68-232d-4da0-8b04-d1087acaaa6c&dtm=1598299586790&vp=1600x1200&ds=1600x2277&vid=1&sid=09cc4bb7-fcc1-4201-89ce-6912aa7d8313&duid=faea9276-f836-4126-b958-f342d474bbcb&uid=162.158.91.2281598738005282819&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNGRkMzQ5MWQtOWE3Yi00MDM3LTk5NDUtNzU2NDc5NGM2M2Y2IiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.248.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-248-58.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
server: akka-http/10.0.9
status: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

GET
H2 200 902cb46b-demoicon_101y01y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
1 KB 160ms
93ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/902cb46b-demoicon_101y01y000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a2113db6f7a3d8443f2e19af3ece7fedf1a392689b5e5c01cfb27623208bfd7

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4536
etag: "9fe637e6d2ebb6b8725219e9199140cf"
x-cache: Hit from cloudfront
x-amz-version-id: omf44KObul0c_1pJ._N1pHd5r.igk5Vt
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1122
x-amz-cf-id: Wra7XNKTUEWxBF4XkL17OPoTnBLuEjER9zwToF5hgpOvbmPPG0NbvQ==

GET
H2 200 68e5086d-transactionssecured_1028028000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 160ms
93ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/68e5086d-transactionssecured_1028028000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acec304f2522b5d4b5afdc6fc1ddf4f1d87ce2f63879e1a063108b84403e8cb8

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4536
etag: "5c6ace7a94690d7d8b5e6ce32e830a32"
x-cache: Hit from cloudfront
x-amz-version-id: UvZDAe0WuLhLhrxssqtbsf4_43i7HaUU
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1147
x-amz-cf-id: YlHHsXAGknzzH0PRLztVHmvXjX553Mt2bLiXYVdthHyDda3np1O5jQ==

GET
H2 200 f5921de2-accountsprotected_1028028000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
1 KB 160ms
93ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/f5921de2-accountsprotected_1028028000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4400b1df81fbd90238d2a702e2637f2882b2a27b00521e8a677c4e568561b20f

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4536
etag: "4cfd1ddf7f717d018eda50e6e5b89181"
x-cache: Hit from cloudfront
x-amz-version-id: 5rNzwaWhLrp_P.wkI3kBXBIXZ.qkuq3h
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1140
x-amz-cf-id: GiW-521RH23JD-ICufIuRR-DmkR_VTRuvfx0SCdKd5YkSRgN7zx0FQ==

GET
H2 200 2a7317e1-fraudprevented_1028028000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 160ms
94ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/2a7317e1-fraudprevented_1028028000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4edbe8f1fa57e30588ae75939d0fc35828636c33820f218a43e9f52acde8ea3

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4536
etag: "7277683b718c0c7a00f5d575c243b98e"
x-cache: Hit from cloudfront
x-amz-version-id: 4t02HRo.HKSfFdoxpQN4GofMw.AME7Lh
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1474
x-amz-cf-id: BNvXcF8HVSZeEjg7tWLcnwwWMZlnVhXqn_rN4HMkxIacOxxDFNLy6w==

GET
H2 200 dc8cc6e0-shapesecuritylogo_108r02a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 2 KB
2 KB 160ms
94ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/dc8cc6e0-shapesecuritylogo_108r02a000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c79a8bc14839ea46d14be7b27081c8b5e6e8d9d5b9b4fc6fc4c22448d18864

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "4d2608acec7f10cf84f81a7b7c87f1da"
x-cache: Hit from cloudfront
x-amz-version-id: p..1de9c49yQS1IUZu6l3CgIO8jZCxRY
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1975
x-amz-cf-id: GgBVfSmfvX6lKFsAW2ybPaWqcDJLOsoAodPF5aFLJ4_xn3nklGt5pA==

GET
H2 200 42c5b922-nexum-hires-no-text-white_103d03b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 3 KB
3 KB 160ms
94ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/42c5b922-nexum-hires-no-text-white_103d03b000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0519449c609865e25570c1f803eb127aa6ca7c9f5783c3331dbd9fd155eb74b7

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "401390b343adcd5d91430a7e324c7f1c"
x-cache: Hit from cloudfront
x-amz-version-id: U77FvSGT0P3s7uyhodrgHLuOVkYl9jBs
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 2591
x-amz-cf-id: r3enfZv4Lfjy9vaNetHzcLjB-WVeEVq2BxTo82ZVoz5nBH4o9khz1Q==

GET
H2 200 e75b601b-chase-logo_104v00x000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 163ms
96ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/e75b601b-chase-logo_104v00x000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0f5b31705825ed1354c26181a1ea2865d50fe56c03114e99606c3f76744dd5a

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "a61d3e80b6a8115cb393024c3c2ff146"
x-cache: Hit from cloudfront
x-amz-version-id: bR7H8XhEfvcAP7jGBMiKIvrVYzietwFr
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1167
x-amz-cf-id: -I08Ew8ifDBfbV1J9RADda2-0sN6VQaPBXBjXEZ7porGnqYjrdmKYQ==

GET
H2 200 f4975ab6-jetblue_104601f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 160ms
94ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/f4975ab6-jetblue_104601f000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d49f2012ce9c7e4c72900654abce705b7a9cd8b44099e11d8703aa004db7513

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "033e753f02a8ce85bf62702a9a7629f9"
x-cache: Hit from cloudfront
x-amz-version-id: mQkU1Px7gc7gDMgMG3xqqe0UvPP8KXfc
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1510
x-amz-cf-id: WVKj_iBK-gtEym1Zp38Tx9gAcZQYu8kvsc9NkeTJFWgc2PtJqOeydg==

GET
H2 200 7dd92ade-starbucks-logo_103h03j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 4 KB
5 KB 160ms
94ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/7dd92ade-starbucks-logo_103h03j000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501b27e901711429d1fd7e54134933ef228d6ce9dc25b023a5ff9d1f77848706

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:51 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "b93c139db08016593b4ada2ae154aa23"
x-cache: Hit from cloudfront
x-amz-version-id: ZLOdkJ12e8icBJN3emoCU1IQLQox7mZr
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 4343
x-amz-cf-id: KfVtpLEp8xLqlSQKZZLLNHneuM38G38A7jvsZ1TeTeXTX_S7ETPCtQ==

GET
H2 200 b341d118-swa_104v00q000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1 KB
2 KB 161ms
95ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/b341d118-swa_104v00q000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e7017c7d7491ba4a55d5721fa25c9ef77d14acdd8686b2f18a4ccee03cccd92

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:52 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "92ba8e288fb41d1b58adf043949ced69"
x-cache: Hit from cloudfront
x-amz-version-id: xMe6avUra369N8tDcWD_3kJ2yzIrBP94
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1447
x-amz-cf-id: bXIoTabfZNmxjVBpd1hTFTf00UuoZG8p-FkOt7sFhNRjoJ_si0ZsjQ==

GET
H2 200 cbe9d538-target_103m03o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 2 KB
2 KB 161ms
96ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/cbe9d538-target_103m03o000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574d25730b3e016a6d78e7456a10076560b7c750df937516ad832de2579677b9

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:52 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "997c90513207c3a9d877876cbbe9997e"
x-cache: Hit from cloudfront
x-amz-version-id: Js5CSbF.Z0Gh3DIXHqIbYRTSOmVxCjlS
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1825
x-amz-cf-id: N6JK1OScK3HpQfn7-s6tdP9_ORqHvIjwYaVJLMqCDmceEAQpoDHx8g==

GET
H2 200 dc8cc6e0-shapesecuritylogo_103e00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 919 B
1 KB 160ms
95ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/dc8cc6e0-shapesecuritylogo_103e00w000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c592706e3f8cde1ff136734ea3e9952545dcd0ab8a64a318c73ddf8a0c1c76b1

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:52 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "84176fb5e9ba0fdeddddd63abb779dac"
x-cache: Hit from cloudfront
x-amz-version-id: 3mCotwdzN97HbzdqpBDITvLwoSJUQmQO
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 919
x-amz-cf-id: ZwnMzBiZGbEntMYQMEvhPqykmoIDI1sQYSKh5XaBFNEp5Fw_rA1PAQ==

GET
H2 200 42c5b922-nexum-hires-no-text-white_101i01i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/ 1016 B
1 KB 161ms
95ms Image
image/png 13.226.156.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/network.channelbytes.com/nexum/shape/credential-stuffing/42c5b922-nexum-hires-no-text-white_101i01i000000000000028.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-176.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d77b709d9a0fd0ae0e86511ca44d25c48dfeefc1ccacb95f448a18e64ddf7a67

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 18:50:52 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Aug 2020 00:11:07 GMT
server: AmazonS3
age: 4535
etag: "7922fa42a80be57f29b6ff5f4d36e738"
x-cache: Hit from cloudfront
x-amz-version-id: I0jAdHQfgERwg_f9wCPC4s.GBmoGluc7
status: 200
cache-control: max-age=31557600
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/png
content-length: 1016
x-amz-cf-id: WM49BL7Kk1Doe62aqhvfzoKBLsp6XfMncHEWbq2jkYcuIxBU5finng==

GET
H/2+Q/46 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:06:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 39615
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:06:11 GMT

GET
H/2+Q/46 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 39750
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:56 GMT

GET
H/2+Q/46 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 39752
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:54 GMT

GET
H/2+Q/46 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 39752
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:54 GMT

GET
H/2+Q/46 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5565
date: Mon, 24 Aug 2020 18:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 24 Aug 2020 20:33:41 GMT

GET
H2 200 hotjar-1414103.js Show response
static.hotjar.com/c/ 4 KB
2 KB 188ms
77ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1414103.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress15

Software

Resource Hash

caab9d38538b3ca4fbb40b155684fab97d4ede9adadea1fe057b4caa6261a4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
cache-control: max-age=60
etag: W/fd690b6128e93229a2d3ac75ede28738
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.021
section-io-id: 5b2ae3bf7061944d67c436d67c258f8c
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 27ms
9ms Script
application/x-javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: gzip
last-modified: Mon, 24-Aug-2020 20:06:26 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Mon, 31 Aug 2020 20:06:26 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 17 KB
6 KB 166ms
55ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 17:04:46 GMT
server: snooserv
etag: "85ee817cda81317b49d1d3056f6bdf95"
vary: Accept-Encoding,Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 5809
via: 1.1 varnish, 1.1 varnish

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 35ms
9ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTSVRK6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 20:06:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: zfYx7zEOzKsAFRRV4aLrNOLPUSq9+pZGajLVSQUrhkSfyOhjK3My2jPWbt+XpXt5qLc7N3QCx2i1jOqzgHYgGw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 20:06:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 83ms
60ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:26 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: F753377375E5406292A73C88FD184ADE Ref B: FRAEDGE1309 Ref C: 2020-08-24T20:06:26Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2

200

diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/
Redirect Chain

https://prism.app-us1.com/prism.js
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

23 KB
5 KB

15ms
13ms

Script
application/javascript

2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68f66298bf1764d0ee8ee213f7e7abdb40d52a730d6be26172a5dcc574595da

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 272
x-cache: Hit from cloudfront
status: 200
cf-request-id: 04c3ad59ff0000d6d1deb80200000001
last-modified: Wed, 22 Jul 2020 22:06:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA6-C1
cf-ray: 5c7fb1a33bf3d6d1-FRA
x-amz-cf-id: T4EuGbh11p6wchsMP70_bIHO1P5vtnVOF7KQz3nRAU3y8lK9QUGf1Q==

Redirect headers

date: Mon, 24 Aug 2020 20:06:27 GMT
cf-cache-status: HIT
server: cloudflare
age: 1765
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://diffuser-cdn.app-us1.com:443/diffuser/diffuser.js
cache-control: public, max-age=14400
cf-ray: 5c7fb1a2bac9d6d1-FRA
cf-request-id: 04c3ad59b50000d6d1deb7a200000001
expires: Tue, 25 Aug 2020 00:06:27 GMT

GET
H2 200 embed.min.js Show response
app.termly.io/ 167 KB
41 KB 97ms
23ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/embed.min.js
Requested by: Host: network.channelbytes.com
URL: https://network.channelbytes.com/nexum/shape/credential-stuffing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8fef92c80485e1bc29ffccadb554b7384383e643be18045b37a881bccb9925

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 06:36:41 GMT
server: cloudflare
age: 290
etag: W/"5f3e19f9-29c9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200, s-maxage=600
cf-ray: 5c7fb1a33b91979c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04c3ad59fe0000979c200af200000001

GET
H/2+Q/46 200 collect
www.google-analytics.com/r/ 35 B
56 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=474291712&t=pageview&_s=1&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&ul=en-us&de=UTF-8&dt=Nexum%20-%20Shape%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUAB~&jid=1948203561&gjid=1281161366&cid=677374692.1598299587&tid=UA-124418712-1&_gid=1273860261.1598299587&_r=1&gtm=2wg8c0TTSVRK6&z=429839498

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 collect
www.google-analytics.com/r/ 35 B
56 B 17ms
16ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=474291712&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&ul=en-us&de=UTF-8&dt=Nexum%20-%20Shape%20Defense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=form&ea=submit&el=notSet&_u=aEDAAUAB~&jid=693388834&gjid=110592199&cid=677374692.1598299587&tid=notSet&_gid=1273860261.1598299587&_r=1&gtm=2wg8c0TTSVRK6&z=869486998

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 39754
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:52 GMT

GET
H/2+Q/46 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://network.channelbytes.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700,300,regular,500%7COpen+Sans:300,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 39752
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:54 GMT

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 476ms
121ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=008207a09d91ff7203e56b680cfdcf4567&obApiVersion=1.1&obtpVersion=1.3.0&name=PAGE_VIEW&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&optOut=false&bust=07295705009104074
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 20:06:27 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 56fa5a6cad8ff0ebd1f7d24f06751d08
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 525ms
118ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=008207a09d91ff7203e56b680cfdcf4567&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&bust=06803583296714468
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 20:06:27 GMT
Cache-Control: no-cache
X-TraceId: 177e08ce5fb723d359883058b6a587be
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 rules-p-cnRmjj7FZbj7E.js Show response
rules.quantcount.com/ 3 B
358 B 401ms
375ms Script
application/x-javascript 2600:9000:2182:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cnRmjj7FZbj7E.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:02:40 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 228
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: lQ6BjiYR_KmIdHGGYs_y5evzy-N4OL4PMqVCZH7ZGEJ0bbfOMkdZdQ==

GET
H2 200 2084908925115702 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2084908925115702?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44ff46c221af1fd9e789118c61ab2cc36c4201ae3deabfb52a0a7c211a1596fd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: bd9AYMo2a6MHjxX40C72eJETrwd6W3v8FgquPVKxs7oVd7USjam4aLzHW9X15T6VEirpifko4Tmy6nOCom4Z5A==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 20:06:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1296329%26url%3Dhttps%253A%252F%252Fnetwork.channelbytes.com%252Fnexum%252Fshape%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075&liSync=true

0
57 B

107ms
106ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: gK3orQFNLhYgJdmCpCsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: jXhmqAFNLhZgiMLr/SoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 929E3191A5F045F5800D84AB865FE30C Ref B: FRAEDGE1220 Ref C: 2020-08-24T20:06:27Z
x-frame-options: sameorigin
date: Mon, 24 Aug 2020 20:06:26 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1296329&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&time=1598299587075&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25031370&Ver=2&mid=766f933a-1e0f-1137-1755-996018331a55&sid=4c5e0e35560763ff1f3fe1a5c185cd53&vid=7bcd71b34541ff9641372f73405662e5&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nexum%20-%20Shape%20Defense&p=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&r=&lt=604&evt=pageLoad&msclkid=N&sv=1&rn=28624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 24 Aug 2020 20:06:26 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 26F774F2EEB74B54A8772B2BCBA5A9C5 Ref B: FRAEDGE1309 Ref C: 2020-08-24T20:06:27Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
393 B 202ms
202ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=25613800&u=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F
Requested by: Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: b0cc6e3b784d506ac31cfcece8be10625ae4fa497c402cb2ff17c743a2b766ed

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 5c7fb1a34c36d6d1-FRA
cf-request-id: 04c3ad5a110000d6d1deb83200000001

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=87427&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=87427&source=js_tag

125 B
454 B

68ms
68ms

Script
text/javascript

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=87427&source=js_tag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e43f7336acbcb42e06e2717a19fd8a50ab5b7e7e9ace791c817b8dd97f8e8a67

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=87427&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
212 B 278ms
151ms Image
image/gif 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1598299587144&id=t2_39sb7cgs&event=PageVisit&uuid=d8a6bcb7-27a2-4666-baf9-1a83110b48ab&s=Zjl7hp1pIeBqsJb5CZiAnjux1BwPZvWlFz2qHLdEjmY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 modules.0bbdc1f554b52cb852ad.js Show response
script.hotjar.com/ 357 KB
70 KB 181ms
61ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.0bbdc1f554b52cb852ad.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1414103.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash: c8a78225734a6353e1d817d85f4650995f9a9a450ede979cf6463ceffe554280

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: br
age: 47643
status: 200
section-io-cache: Hit
content-length: 71205
last-modified: Fri, 21 Aug 2020 14:04:29 GMT
etag: "0fa181bbb317a8f3e8469cd6a80d0c30"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.100
section-io-id: 157085475595eae05da0fea0e07b6a02
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 1995275560728075 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1995275560728075?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac2647495bd73a77a7547dc13dba6e485331b4f15c848a1e946ae7d2314b2b6c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: CTIQ5q6WPLBwRAPQ84WPVDd0FcmebjgcnNqxJfCa8PjOhFFs5L9WKwUVzltrtOnzMXCa+4blSBEAgR6ZFaRr1Q==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 20:06:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 17ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2084908925115702&ev=PageView&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&rl=&if=false&ts=1598299587204&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598299587203.1066070863&it=1598299587068&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 20:06:27 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5F38 0
0 167ms
57ms Document
text/html 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1414103.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/

Response headers

status: 200
date: Mon, 24 Aug 2020 20:06:27 GMT
content-type: text/html
content-length: 851
last-modified: Tue, 18 Aug 2020 07:00:06 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.086
section-origin-responded: true
age: 565424
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 294cb5df2bbc8e0b24fbc2530fb5db23

OPTIONS
H2 200 4108baff-da8a-463b-b8ba-f577dc773e7b
app.termly.io/api/v1/snippets/websites/ Frame 0
0 215ms
188ms Other 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://network.channelbytes.com
Sec-Fetch-Mode: cors

Response headers

status: 200 200 OK
date: Mon, 24 Aug 2020 20:06:27 GMT
content-length: 0
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 04c3ad5aaa0000175edb182200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7fb1a4495b175e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 410 4108baff-da8a-463b-b8ba-f577dc773e7b Show response
app.termly.io/api/v1/snippets/websites/ 36 B
366 B 164ms
163ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b
Requested by: Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5927fae7ff42edbc7c94e4e24ed5d7028f618c86c2f98f1a420dd6056cab0c

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Mon, 24 Aug 2020 20:06:27 GMT
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
status: 410, 410 Gone
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
cf-request-id: 04c3ad5b680000175edb1a3200000001
x-request-id: 95f77265-a826-4908-9785-d4d0fcbb42ba
x-runtime: 0.008883
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 5c7fb1a57c7d175e-FRA

GET
H2 200 ip Show response
app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b/ 120 B
273 B 549ms
548ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b/ip

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
status: 200, 200 OK
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04c3ad5b680000175edb1a2200000001
x-request-id: 971beb88-155f-4b80-bdcc-d19147a4fa31
x-runtime: 0.004708
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cf6d01ec98c7803b37e801273c65f676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 5c7fb1a57c7a175e-FRA

OPTIONS
H2 200 ip
app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b/ Frame 0
0 214ms
187ms Other 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/4108baff-da8a-463b-b8ba-f577dc773e7b/ip

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://network.channelbytes.com
Sec-Fetch-Mode: cors

Response headers

status: 200 200 OK
date: Mon, 24 Aug 2020 20:06:27 GMT
content-length: 0
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 04c3ad5aaa0000175edb183200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c7fb1a4495f175e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
279 B 238ms
237ms Script
text/javascript 52.203.155.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=25613800&prismid=c6a4f685-37b8-4929-96fa-1a97c863b6c6&url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F
Requested by: Host: prism.app-us1.com
URL: https://prism.app-us1.com/prism.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.155.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-155-177.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
server: Apache/2.4.43 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
status: 200
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1995275560728075&ev=PageView&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&rl=&if=false&ts=1598299587313&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598299587203.1066070863&it=1598299587068&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 20:06:27 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1414103/ 178 B
320 B 190ms
66ms XHR
application/json 63.33.1.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1414103/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0bbdc1f554b52cb852ad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.1.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-1-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_uqUjhZhRXEva3e3TT

43 B
574 B

253ms
161ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_uqUjhZhRXEva3e3TT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Mon, 24 Aug 2020 20:06:27 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7bba5f309e985a8d9822bf49acebf426
x-transaction: 00631f1e00be8df1
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_uqUjhZhRXEva3e3TT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_uqUjhZhRXEva3e3TT&sigv=1&esig=2~48a3861595e4888992534a50af394b7823a5123b
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_uqUjhZhRXEva3e3TT

43 B
460 B

528ms
129ms

Image
image/gif

52.7.90.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_uqUjhZhRXEva3e3TT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-90-251.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Mon, 24 Aug 2020 20:06:27 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_uqUjhZhRXEva3e3TT
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_uqUjhZhRXEva3e3TT
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_uqUjhZhRXEva3e3TT

43 B
180 B

51ms
51ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_uqUjhZhRXEva3e3TT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:27 GMT
via: 1.1 google
server: OXGW/16.192.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 24 Aug 2020 20:06:27 GMT
via: 1.1 google
server: OXGW/16.192.1
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_uqUjhZhRXEva3e3TT
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_uqUjhZhRXEva3e3TT

0
239 B

172ms
43ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_uqUjhZhRXEva3e3TT
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_uqUjhZhRXEva3e3TT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfdXFVamhaaFJYRXZhM2UzVFQ
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfdXFVamhaaFJYRXZhM2UzVFQ&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

63ms
62ms

Image
image/gif

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:27 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 270ms
144ms Image
image/gif 52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=15617219&source=js_tag&a_id=87427
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=15617219
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D15617219

43 B
1 KB

44ms
44ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D15617219

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 20:06:27 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid: dcb3ef56-2cd4-4814-8b3a-a21eb831b7dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 20:06:27 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 2671960c-dd4c-433c-ba46-f75f28c6238c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D15617219
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel;r=1399553407;source=gtm;rf=0;a=p-cnRmjj7FZbj7E;url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F;fpan=1;fpa=P0-1242771443-1598299587466;ns=0;ce=1;qjs=1;qv=35...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1399553407;source=gtm;rf=0;a=p-cnRmjj7FZbj7E;url=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F;fpan=1;fpa=P0-1242771443-1598299587466;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=channelbytes.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598299587466;tzo=-120;ogl=title.Nexum%20-%20Shape%20Defense

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 20:06:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2084908925115702&ev=Microdata&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&rl=&if=false&ts=1598299587707&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nexum%20-%20Shape%20Defense%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Nexum%20-%20Shape%20Defense%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598299587203.1066070863&it=1598299587068&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 20:06:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1995275560728075&ev=Microdata&dl=https%3A%2F%2Fnetwork.channelbytes.com%2Fnexum%2Fshape%2Fcredential-stuffing%2F&rl=&if=false&ts=1598299587814&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Nexum%20-%20Shape%20Defense%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Nexum%20-%20Shape%20Defense%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598299587203.1066070863&it=1598299587068&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://network.channelbytes.com/nexum/shape/credential-stuffing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 20:06:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 20:06:27 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.channelbytes.com/	1970-01-19 12:02:38	Name: ubvt Value: 162.158.91.2281598738005282819
network.channelbytes.com/	1970-01-19 16:17:31	Name: ubvs Value: 162.158.91.2281598738005282819
.channelbytes.com/	1970-01-19 12:41:31	Name: __cfduid Value: de839f18f8ce1ef581aea063b99ee929e1598299586
network.channelbytes.com/nexum/shape/credential-stuffing/	1969-12-31 23:59:59	Name: ubrs Value: weighted
network.channelbytes.com/nexum/shape/credential-stuffing/	1970-01-19 16:23:17	Name: ubpv Value: b%2C4dd3491d-9a7b-4037-9945-7564794c63f6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://assets.ub-analytics.com/ub.js(Line 183) Message: Tracker already initialized.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.cloudflare.com
ajax.googleapis.com
alb.reddit.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
app.termly.io
assets.ub-analytics.com
bat.bing.com
builder-assets.unbounce.com
cm.g.doubleclick.net
connect.facebook.net
d3rxaij56vjege.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
diffuser-cdn.app-us1.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
network.channelbytes.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.quantserve.com
pixel.rubiconproject.com
prism.app-us1.com
px.ads.linkedin.com
reelaxis.activehosted.com
rules.quantcount.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
snap.licdn.com
static.hotjar.com
tag.marinsm.com
tr.outbrain.com
trackcmp.net
us-u.openx.net
vars.hotjar.com
views.unsplash.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.131
13.224.186.88
13.226.155.103
13.226.155.84
13.226.156.176
147.75.102.203
151.101.13.181
151.101.192.65
172.217.16.162
199.232.53.140
2600:9000:2182:4800:6:44e3:f8c0:93a1
2606:4700:3030::6812:2e0f
2606:4700::6810:a823
2606:4700::6811:5a6d
2606:4700::6811:915b
2606:4700::6813:ff58
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:821::200a
2a02:26f0:10c:39e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
34.224.248.58
34.98.64.218
37.252.172.249
52.203.155.177
52.51.60.151
52.7.90.251
63.33.1.59
64.202.112.191
69.173.144.165
92.122.252.43
0519449c609865e25570c1f803eb127aa6ca7c9f5783c3331dbd9fd155eb74b7
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0e7017c7d7491ba4a55d5721fa25c9ef77d14acdd8686b2f18a4ccee03cccd92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c79a8bc14839ea46d14be7b27081c8b5e6e8d9d5b9b4fc6fc4c22448d18864
1a10871f6cc0f37eb9af0c779c813ca20908e2307c721d0a2b3fd2104f4498d9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33182948e9715ac7fd11c9366c04f76f2f6efa3f3c4ae01da2886fa97b95db1e
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
380b6e0187acc7bdbb355fc42dd22cd8e187965053d14fc99a4126d52b23bbe4
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4400b1df81fbd90238d2a702e2637f2882b2a27b00521e8a677c4e568561b20f
44ff46c221af1fd9e789118c61ab2cc36c4201ae3deabfb52a0a7c211a1596fd
4a8fef92c80485e1bc29ffccadb554b7384383e643be18045b37a881bccb9925
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501b27e901711429d1fd7e54134933ef228d6ce9dc25b023a5ff9d1f77848706
574d25730b3e016a6d78e7456a10076560b7c750df937516ad832de2579677b9
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
682771e18246aec081438e0c0428b3db4275c649f095be2ed03a3a5c285fb843
73de9659a327b26997032050c73b196859b3fa4bac10e894ce659ed0eb615765
78e7ba05e12e02d85f77b162e7552e9ad357f44ff70c097e6f2aa77f771d86ea
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e5927fae7ff42edbc7c94e4e24ed5d7028f618c86c2f98f1a420dd6056cab0c
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8a2113db6f7a3d8443f2e19af3ece7fedf1a392689b5e5c01cfb27623208bfd7
8d49f2012ce9c7e4c72900654abce705b7a9cd8b44099e11d8703aa004db7513
9681906d328f778d4364e650104471024fca37c8932d298f620cf85696f9ac69
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
ac2647495bd73a77a7547dc13dba6e485331b4f15c848a1e946ae7d2314b2b6c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acec304f2522b5d4b5afdc6fc1ddf4f1d87ce2f63879e1a063108b84403e8cb8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0cc6e3b784d506ac31cfcece8be10625ae4fa497c402cb2ff17c743a2b766ed
b4edbe8f1fa57e30588ae75939d0fc35828636c33820f218a43e9f52acde8ea3
bc62193b5bbc429377f351574e2d1b0d62cb3e896affb803ac50fccd543a79bf
bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702
c592706e3f8cde1ff136734ea3e9952545dcd0ab8a64a318c73ddf8a0c1c76b1
c8a78225734a6353e1d817d85f4650995f9a9a450ede979cf6463ceffe554280
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caab9d38538b3ca4fbb40b155684fab97d4ede9adadea1fe057b4caa6261a4c6
ce17defa1168d9e848302fefe1cac1f4c5c7714f8c95b770b335784a5ebe8bb4
ce4d3d4c8613f72679c0acc5e9bf7d968d8028272ffa7a67089f82b09e30f2f6
cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb
d0f5b31705825ed1354c26181a1ea2865d50fe56c03114e99606c3f76744dd5a
d68f66298bf1764d0ee8ee213f7e7abdb40d52a730d6be26172a5dcc574595da
d77b709d9a0fd0ae0e86511ca44d25c48dfeefc1ccacb95f448a18e64ddf7a67
d8f55c9956bef0bc13cad72da8afeded91a945a5f9da98a082b46eccc45700dc
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43f7336acbcb42e06e2717a19fd8a50ab5b7e7e9ace791c817b8dd97f8e8a67
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
eeb5917a143c49dfc0ded22029e640b3bad6f5703bf400c3979333b0571251bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62a727a558bad16bd82f19211814907cff1c63041e952cb0e04bbc794d63c90
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

network.channelbytes.com Open in urlscan Pro 2606:4700:3030::6812:2e0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

99 %HTTPS

51 %IPv6

33 Domains

45 Subdomains

38 IPs

6 Countries

1488 kBTransfer

3411 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

network.channelbytes.com Open in urlscan Pro
2606:4700:3030::6812:2e0f Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

51 %
IPv6

33
Domains

45
Subdomains

38
IPs

6
Countries

1488 kB
Transfer

3411 kB
Size

5
Cookies

91 HTTP transactions
1 data transactions