urlscan.io logo urlscan.io
SecurityTrails logo

www.fraudfighters.net Open in urlscan Pro
141.193.213.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.fraudfighters.net/
Effective URL: https://www.fraudfighters.net/
Submission: On December 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 3 countries across 21 domains to perform 114 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.fraudfighters.net.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time www.fraudfighters.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 53 141.193.213.20 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.34 15169 (GOOGLE)
2 13.32.27.84 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.16 16509 (AMAZON-02)
1 83.229.67.229 36007 (KAMATERA)
1 13.32.27.107 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:206... 16509 (AMAZON-02)
3 3 2620:1ec:22::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 54.241.113.118 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.238.215.8 36007 (KAMATERA)
1 138.128.247.123 36007 (KAMATERA)
1 52.219.101.34 16509 (AMAZON-02)
114 32
53    141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.fraudfighters.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::ac43:467a (United States)

ASN13335 (CLOUDFLARENET, US)
www.apex.live
apex.live
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    13.32.27.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-84.fra56.r.cloudfront.net
cdn.callrail.com
js.callrail.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:206f:9800:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.clickcease.com
2    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    99.86.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-16.fra6.r.cloudfront.net
navi.lawmatics.com
1    83.229.67.229 (New York, United States)

ASN36007 (KAMATERA, US)
acsbapp.com
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
js.callrail.com
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2600:9000:206f:6e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    54.241.113.118 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-113-118.us-west-1.compute.amazonaws.com
api.lawmatics.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:20::681a:848 (United States)

ASN13335 (CLOUDFLARENET, US)
apex.live
2    104.238.215.8 (New York, United States)

ASN36007 (KAMATERA, US)
PTR: mail.shweeng.com
cdn.acsbapp.com
1    138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)
web1.acsbapp.com
1    52.219.101.34 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
agent-alias.s3.us-east-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
53 fraudfighters.net
www.fraudfighters.net
1 MB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
809 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
143 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 311
jnn-pa.googleapis.com — Cisco Umbrella Rank: 185
152 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
static.doubleclick.net — Cisco Umbrella Rank: 199
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
www.linkedin.com — Cisco Umbrella Rank: 643
px4.ads.linkedin.com — Cisco Umbrella Rank: 6944
3 KB
4 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887
798 B
4 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3673
cdn.acsbapp.com — Cisco Umbrella Rank: 4127
web1.acsbapp.com — Cisco Umbrella Rank: 5048
167 KB
4 apex.live
www.apex.live — Cisco Umbrella Rank: 104985
apex.live — Cisco Umbrella Rank: 96787
308 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
3 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 8122
js.callrail.com — Cisco Umbrella Rank: 8924
36 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7952
565 B
2 lawmatics.com
navi.lawmatics.com — Cisco Umbrella Rank: 480376
api.lawmatics.com — Cisco Umbrella Rank: 536396
3 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
1 amazonaws.com
agent-alias.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 101150
51 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
25 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
38 KB
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 9452
54 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
17 KB
114 21
Domain Requested by
53 www.fraudfighters.net 1 redirects www.fraudfighters.net
9 www.youtube.com www.fraudfighters.net
www.youtube.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 cdn.linkedin.oribi.io snap.licdn.com
4 jnn-pa.googleapis.com www.youtube.com
3 www.google.com www.youtube.com
www.fraudfighters.net
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
2 cdn.acsbapp.com acsbapp.com
2 apex.live www.fraudfighters.net
www.apex.live
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.google.de www.fraudfighters.net
2 px.ads.linkedin.com 2 redirects
2 js.callrail.com cdn.callrail.com
2 snap.licdn.com www.fraudfighters.net
snap.licdn.com
2 www.google-analytics.com www.fraudfighters.net
www.google-analytics.com
2 ajax.googleapis.com www.fraudfighters.net
www.apex.live
2 www.apex.live www.fraudfighters.net
www.apex.live
1 agent-alias.s3.us-east-2.amazonaws.com
1 web1.acsbapp.com
1 api.lawmatics.com navi.lawmatics.com
1 px4.ads.linkedin.com www.fraudfighters.net
1 www.linkedin.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 acsbapp.com www.fraudfighters.net
1 navi.lawmatics.com www.fraudfighters.net
1 www.googletagmanager.com www.fraudfighters.net
1 www.clickcease.com www.fraudfighters.net
1 cdn.callrail.com www.fraudfighters.net
1 www.googleadservices.com www.fraudfighters.net
1 fonts.googleapis.com www.fraudfighters.net
114 33
Subject Issuer Validity Valid
www.fraudfighters.net
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
swappy.callrail.com
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
clickcease.com
Amazon RSA 2048 M02		 2022-10-27 -
2023-11-25		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.lawmatics.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.acsbapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-28 -
2023-10-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.fraudfighters.net/
Frame ID: BFB99413D71987A04C430AB896198952
Requests: 88 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Frame ID: C204FF82F33FE92ECC511A3227CE46D5
Requests: 21 HTTP requests in this frame

Frame: https://apex.live//themes/skinnable/invitation/bubble.png
Frame ID: D6E36EE441BA49AFDD838F7B0FCC7CE7
Requests: 1 HTTP requests in this frame

Frame: https://agent-alias.s3.us-east-2.amazonaws.com/mg__7972.png
Frame ID: 1AFA31F548715196AC9D95285E59C0CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Whistleblower Lawyers | Healthcare, Bank, and Securities Fraud | Fraud FightersGroup 7@2xTikTokyoutube@2x

Page URL History Show full URLs

  1. http://www.fraudfighters.net/ HTTP 301
    https://www.fraudfighters.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

114
Requests

97 %
HTTPS

66 %
IPv6

21
Domains

33
Subdomains

32
IPs

3
Countries

3126 kB
Transfer

7447 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fraudfighters.net/ HTTP 301
    https://www.fraudfighters.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 70
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3965985%252C1378274%26time%3D1671002821774%26url%3Dhttps%253A%252F%252Fwww.fraudfighters.net%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true&e_ipv6=AQKl4eERPouFhwAAAYUPh5ZSvjoQfZNdyUnblKbwXHVH41eEsDl-P2wihyO69RsA2SH7UH6Hl3Q_g6MwTGZPeMUdudFAZg

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fraudfighters.net/
Redirect Chain
  • http://www.fraudfighters.net/
  • https://www.fraudfighters.net/
176 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
8bf7044c50d9216f1ab29b2f65b9f0b17470d1b193a2b7b70d3dc674297ef0f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
779536eaea2c697b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 07:27:00 GMT
link
<https://www.fraudfighters.net/wp-json/>; rel="https://api.w.org/" <https://www.fraudfighters.net/wp-json/wp/v2/pages/42>; rel="alternate"; type="application/json" <https://www.fraudfighters.net/>; rel=shortlink
server
cloudflare
surrogate-key
front post-42 post-user-10 single
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 11
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
779536e97c3e9bef-FRA
Connection
keep-alive
Content-Type
text/html
Date
Wed, 14 Dec 2022 07:27:00 GMT
Location
https://www.fraudfighters.net/
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@400;500;700;900&family=Spectral:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f09aaa074e7fb50071ebca46693853fc79a54ce6f162e30b47b44563973b619e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 07:27:00 GMT
style-noncritical.min.css
www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/ 		74 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/style-noncritical.min.css?v=1666215705
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa0319a669e797a367f18a94fdcfa195a95840e3b3f8d1c2331b053279b514c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 21:41:45 GMT
server
cloudflare
age
226307
etag
W/"63506f19-12708"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ec7d26697b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style-noncritical.min.css
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
142b541f178970764805cb07c21125a78cd9a5aa1513d8ca67a5a25148dddb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 05:33:55 GMT
server
cloudflare
age
301529
etag
W/"63883cc3-8396"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ec7d28697b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
classic-themes.min.css
www.fraudfighters.net/wp-includes/css/ 		217 B
258 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
cloudflare
age
301529
etag
W/"6357e86c-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ec7d2c697b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dashicons.min.css
www.fraudfighters.net/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
age
226307
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ec7d2f697b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.min.css
www.fraudfighters.net/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jun 2022 20:24:31 GMT
server
cloudflare
age
16384
etag
W/"62be067f-14ce"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ec7d30697b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
TZ-LogoVariations_Dark-Horizontal.svg
www.fraudfighters.net/wp-content/uploads/2020/11/ 		15 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2020/11/TZ-LogoVariations_Dark-Horizontal.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e97ac44670c17ba4d13b4ac82f1c5345acc7f15ccf08acc9b6e842900fbbcc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:12 GMT
server
cloudflare
age
1221
etag
W/"61ead418-3bda"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc851bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo__tzlegalFF--mobile.svg
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/logo__tzlegalFF--mobile.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d03c79e2285db0657aa65f5c54b9561a92049d2086e6298d7b19e8a46e1836a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:17:01 GMT
server
cloudflare
age
1221
etag
W/"6335001d-2d24"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc853bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
placeholder.gif
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		38 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/placeholder.gif
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6cd8f8d309e3832279dc6284eb2ad048287d2ad1c8e1ecaeee0145a97929e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
origFmt=gif, origSize=1093
content-disposition
inline; filename="placeholder.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 02:07:04 GMT
server
cloudflare
etag
"6334fdc8-445"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ecc855bb41-FRA
Path-30650.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		847 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30650.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60887c43fc31ef1febaab0613718268004717fa19152e83f9530b168eb929f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-34f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc857bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Path-30651.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		1 KB
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30651.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
184b9e38d0ac290f25beb618aab4e34ae8fd4e8624666e6d044bed41d6f9f8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-42e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc858bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Path-30652.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		980 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30652.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ada2053af85b05950a3eca3be690c1f74edaf97f720d4d4bd3b9e9b5350214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-3d4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc85abb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Path-30653.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		672 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30653.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07589e57d51bd69549539e1a5eeea998c9b17f9fcd25948b4abf32ddfe38d805

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-2a0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc85cbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Path-30654.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		1 KB
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30654.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0a0fad619b9c417b66ae838ab0d51c1b34915aeb617e335f6d0d485bd5b74a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-541"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc85dbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Path-30655.svg
www.fraudfighters.net/wp-content/uploads/2021/01/ 		869 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/Path-30655.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d4e4df1a279d406ceb4a315b794294bb0100bda346c132d6f3d74167b6fcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
age
1221
etag
W/"61ead416-365"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc860bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo__tzlegal--footer.svg
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/logo__tzlegal--footer.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf08af462cd3286630ca3b795439b9e8780eaf9fc599584a5004f3a103b8d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:07:04 GMT
server
cloudflare
age
1221
etag
W/"6334fdc8-2f22"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc862bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo__publicJustice.jpeg
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/logo__publicJustice.jpeg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f698167d3fe17ec510057f9bc1e560fc5287334dcb22fd5e3b9f3030d09e476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
origSize=7057, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6885
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 02:07:04 GMT
server
cloudflare
etag
"6334fdc8-1b91"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ecc864bb41-FRA
logo__whatsapp.svg
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/logo__whatsapp.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1ad45f74254d3a2a330644a962a74b1aa090b8e454f0b47bc737d684d63837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:07:09 GMT
server
cloudflare
age
1221
etag
W/"6334fdcd-c18"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc866bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo__signal.svg
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/logo__signal.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d2aff87094a5c1dde93cd8ca2fcea1eb91a53d0c62e79e0121431da531311d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:07:05 GMT
server
cloudflare
age
1221
etag
W/"6334fdc9-120f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc869bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invitation.ashx
www.apex.live/scripts/ 		1 MB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apex.live/scripts/invitation.ashx?company=tyckozav
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
33ea22a80e4a9c57a6cd53147bfee992e3bd6de7663afe15969f9e9e965fb969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vt7svGA902a3IrXcEqZNwPjdd1p0lz6GDIcdP6AH2shW1Ciy2VmRWSA%2BvZrTrJ%2BTCU9NtJQqXFFMW%2Fsotnm3CVnf8fZ8%2B1Nk871D7SNNAFIANZVQXzYGyN8yQ533zTWG1LpP%2BAWGSto%2BfzE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
public, max-age=86400,no-transform
cf-ray
779536ed08799baa-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Dec 2022 07:27:00 GMT
swap.js
cdn.callrail.com/companies/946844853/4b11b1c8dcaab040965d/12/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.callrail.com/companies/946844853/4b11b1c8dcaab040965d/12/swap.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-84.fra56.r.cloudfront.net
Software
/
Resource Hash
6ffde1acbfdb7044878bcf969f76aedd6223524da7053faf36dc613257477416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-runtime
0.010443
date
Wed, 14 Dec 2022 07:27:00 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/"6ffde1acbfdb7044878bcf969f76aedd"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
timing-allow-origin
*
x-amz-cf-id
ou2hW7XK1bFwvqLisG79xL4xYvJou3ODzpKsrNq_b_4jKuGeJWXMXQ==
x-request-id
703e16e1-73c4-47ed-a6fe-1ed19008025a
front.min.js
www.fraudfighters.net/wp-content/plugins/cookie-notice/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.1
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jun 2022 20:24:31 GMT
server
cloudflare
age
1221
etag
W/"62be067f-20ec"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc86bbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 15:54:47 GMT
x-content-type-options
nosniff
age
401533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 15:54:47 GMT
scripts.min.js
www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6f790cdfb30ee6ea13ff8325f0c17fb70f269e24ccf5152b3bc83c5bba1d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:26:16 GMT
server
cloudflare
age
1221
etag
W/"63350248-13744"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc848bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scripts.min.js
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/js/scripts.min.js?ver=1667275907
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
edefa770ab981098708e9dd63e7dbdd9ec025b1eab5520e43853789e13e3433e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Nov 2022 04:11:47 GMT
server
cloudflare
age
1221
etag
W/"63609c83-21a4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc84cbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 07:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
143
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 09:24:37 GMT
stat.js
www.clickcease.com/monitor/ 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 07:26:51 GMT
last-modified
Tue, 22 Nov 2022 11:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10
x-amz-server-side-encryption
AES256
etag
W/"1c27f449b067550681f23ad3e53988fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7WeneTYDqbh0Pd598PQb00khs1qWrSCwXsxwyNzSEVxxbsxkyNBrHQ==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1017 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
188df28d9a43df9305e789776e4eed7f4afdd7c1d391dc5706d816af46554ede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:28:43 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=32571
accept-ranges
bytes
content-length
489
gtm.js
www.googletagmanager.com/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJHG9RZ
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0664341de6042c0eac81fbd58a704c7bca979489b22f0d5ab6cc944be4f98b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38872
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 07:27:00 GMT
icon__search--white.svg
www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/ 		1 KB
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/icon__search--white.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
812df9c32374111ebd59adab63623b3a43aaf6ea6d676b9d14f30d3420e44586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Mar 2022 02:01:46 GMT
server
cloudflare
age
1221
etag
W/"6226b90a-425"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc86dbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon__search--lightBlue.svg
www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/ 		1 KB
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/icon__search--lightBlue.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
260d3a8398bf730221c2857c3b56b3ce295accc3e5d1ebd971595e0b2757dfdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Mar 2022 02:01:49 GMT
server
cloudflare
age
1221
etag
W/"6226b90d-42b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc871bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon__arrow--right.svg
www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/ 		426 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal/images/icon__arrow--right.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e835ef011b2157493a184a95a4bb37337b558b342f1a3f87118f3be15f5ac50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Mar 2022 02:01:49 GMT
server
cloudflare
age
1221
etag
W/"6226b90d-1aa"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ecc872bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
fonts.gstatic.com/s/redhatdisplay/v14/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@400;500;700;900&family=Spectral:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudfighters.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 20:55:33 GMT
x-content-type-options
nosniff
age
124287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28964
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 17:54:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 20:55:33 GMT
rnCr-xNNww_2s0amA9M5kng.woff2
fonts.gstatic.com/s/spectral/v13/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@400;500;700;900&family=Spectral:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51f3ebfe41d11eab7706afe65201434799048af4c2db78276f6194435c12d672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudfighters.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:51:11 GMT
x-content-type-options
nosniff
age
563749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21816
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:51:11 GMT
0i9BGqcJWo4
www.youtube.com/embed/ Frame C204 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e23912df68188893223625c57f988f8e371b183fcf9f05d2fcfcff94a9422d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fraudfighters.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 07:27:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
icon__phone--white.svg
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/ 		339 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/icon__phone--white.svg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9574b903d2be44dec2888e2d94199e502b9d6db025584a37c0cc124746988d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 02:16:54 GMT
server
cloudflare
age
1221
etag
W/"63350016-153"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779536ed08d0bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg-hero-default-5.jpg
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/bg-hero-default-5.jpg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
554b8325c9064b050d113d327df6699d54bf4adb591ba952fc32e0a292b1f74b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
origSize=69842, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57016
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 02:16:55 GMT
server
cloudflare
etag
"63350017-110d2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ed08d3bb41-FRA
bg-homeStats.jpg
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/bg-homeStats.jpg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
656571e322cfc16aec200a80b47fda26ea374f51e25f6b149d5814408aaf82ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40502
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 02:16:54 GMT
server
cloudflare
etag
"63350016-9e36"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ed08d5bb41-FRA
temp_cat-1080.jpg
www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/images/temp_cat-1080.jpg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3f11eece3220e58fa80ba30770bde0188050a4e27911da019396cd9c5bc859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/wp-content/themes/theme__tzlegal--child--ff/styles/css/style-noncritical.min.css?v=1669872835
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
origSize=123910, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110523
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 02:16:54 GMT
server
cloudflare
etag
"63350016-1e406"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ed08d8bb41-FRA
rnCs-xNNww_2s0amA9uCt23BafY.woff2
fonts.gstatic.com/s/spectral/v13/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9uCt23BafY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@400;500;700;900&family=Spectral:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d58c060cf169838bef56141d45517cdb20a875d6ca86a3b96ad8a6fea2dbbfd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudfighters.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 23:20:10 GMT
x-content-type-options
nosniff
age
461210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23124
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 23:19:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 23:20:10 GMT
rnCs-xNNww_2s0amA9vmtm3BafY.woff2
fonts.gstatic.com/s/spectral/v13/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9vmtm3BafY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@400;500;700;900&family=Spectral:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92f247497b41d3c4f28e263e41817f9c9a5c30433c2d322233654049831cc3c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudfighters.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:08:00 GMT
x-content-type-options
nosniff
age
15540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22716
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 03:08:00 GMT
www-player.css
www.youtube.com/s/player/e96685ea/ Frame C204 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
23097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49901
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Dec 2023 01:02:03 GMT
www-embed-player.js
www.youtube.com/s/player/e96685ea/www-embed-player.vflset/ Frame C204 		315 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a491c56726826ca847ad1bf4e52b42c9b45fc1892491b954f3d14eed4da49580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
132352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99486
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
base.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame C204 		2 MB
586 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7eef81c1b81bfba6ae3137cd7c58c3f65dcce009fe916f24d7dfec23e77c9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
132352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
599544
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
fetch-polyfill.js
www.youtube.com/s/player/e96685ea/fetch-polyfill.vflset/ Frame C204 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
132352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:08 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=162060304&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fraudfighters.net%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20Lawyers%20%7C%20Healthcare%2C%20Bank%2C%20and%20Securities%20Fraud%20%7C%20Fraud%20Fighters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1744461425&gjid=2048504360&cid=1446352117.1671002821&tid=UA-12475202-1&_gid=1483728786.1671002821&_r=1&_slc=1&z=95403335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fraudfighters.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fraudfighters.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018418463/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018418463/?random=1671002820815&cv=9&fst=1671002820815&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fraudfighters.net%2F&tiba=Whistleblower%20Lawyers%20%7C%20Healthcare%2C%20Bank%2C%20and%20Securities%20Fraud%20%7C%20Fraud%20Fighters&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09a4d772733a05a9611b5f5957b0b2af2b6c6b3937491e1a1f32092cd1f937b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
971
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C204 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options
nosniff
age
415915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:55:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C204 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
119141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 22:21:19 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=31685
accept-ranges
bytes
content-length
4581
navi.min.js
navi.lawmatics.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navi.lawmatics.com/navi.min.js?t=1671062400000
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38cd9473808d867e421bb58518b2e7e5ff0c091a656340f8777dce4693f0543c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 18:20:11 GMT
x-amz-version-id
Vdzv1BEK6LbK0n0smGvUwDKw5okYVGT_
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 19:37:46 GMT
server
AmazonS3
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"785bbdc8399ba641f437586791fa0516"
age
31410411
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ts8LRBwcyCeBYzcTEhmR79hyAacgPS5Y7FI9k0HON6Ao-vWIWIzJ-A==
app.js
acsbapp.com/apps/app/dist/js/ 		430 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.229.67.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
5eee1bc0d03165ecdd380a9f7c30355b3b6ea1ce09276f84e90f2c6ec0d8f8d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 15:26:43 GMT
etag
"6b70b-639899b3-d1b56a530dd18ff6;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
142937
expires
Thu, 15 Dec 2022 07:27:01 GMT
swap_session.json
js.callrail.com/group/0/4b11b1c8dcaab040965d/12/ 		297 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/group/0/4b11b1c8dcaab040965d/12/swap_session.json
Requested by
Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/946844853/4b11b1c8dcaab040965d/12/swap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
aad82bcd03479151132811a61c6d33c40aaae5f11ee9652e463656069327ea93

Request headers

Accept
application/json
Referer
https://www.fraudfighters.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-runtime
0.062313
date
Wed, 14 Dec 2022 07:27:01 GMT
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/"aad82bcd03479151132811a61c6d33c4"
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin
x-amz-cf-id
3wCDlQFusY-aBE3FjsIxtMVktqgNDUuAZBNKXZ1GEv0lS47_17A_9w==
x-request-id
fbd1ba7c-77d5-479f-bc86-95cd4b19432a
FF-Video-Preview.png
www.fraudfighters.net/wp-content/uploads/2021/01/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2021/01/FF-Video-Preview.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fdeefcd0da4d42c80f0470737bd7a04798773dffbb32f48cdfe82f68c4bb25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:00 GMT
cf-cache-status
HIT
age
1221
cf-polished
origFmt=png, origSize=115264
content-disposition
inline; filename="FF-Video-Preview.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58570
cf-bgj
imgq:100,h2pri
last-modified
Fri, 21 Jan 2022 15:41:10 GMT
server
cloudflare
etag
"61ead416-1c240"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536eebc66bb41-FRA
id
googleads.g.doubleclick.net/pagead/ Frame C204
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31fe4febeb4cc639f91f57ad50008a02cc15d99ddc7599a92b63b280bccd4b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C204 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:18:31 GMT
x-content-type-options
nosniff
age
510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Dec 2022 07:33:31 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C204 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2fe6cc4a7b81af35f8e54142b46360a0aaa6045db769504b4a706a8bb9692d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30858
x-xss-protection
0
remote.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame C204 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2715d7400fc9d49eca775ec3a8814267b28be978f14edc9f4458ae9789605a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
132341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37377
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:20 GMT
G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
www.google.com/js/th/ Frame C204 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
140112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14211
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 16:31:49 GMT
embed.js
www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/ Frame C204 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f19f656dbb9200aa6cae2b6ae01fcb162c03c0738be116c35d9549c93b7398b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
132352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8307
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 01:16:42 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 12 Dec 2023 18:41:09 GMT
truncated
/ Frame C204 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
x9Dd8AKS7qMWmcgT67IyhoTEpFFWGlUHIonEy9iw7CHqfpXB3GP8JQnhJ_En9sYgfO9WGbyw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C204 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/x9Dd8AKS7qMWmcgT67IyhoTEpFFWGlUHIonEy9iw7CHqfpXB3GP8JQnhJ_En9sYgfO9WGbyw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cb7a8ab565840ac35e4e199fb2e3de7eac157cf613d7f7603b6acffd3a414da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1710
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Dec 2022 03:25:17 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/0i9BGqcJWo4/ Frame C204 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/0i9BGqcJWo4/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758518799295d2081d50b64b0a0ee10bf80382f5b636b0c69fe3d59c8f9a7ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:32:52 GMT
x-content-type-options
nosniff
age
6849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25234
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 07:32:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.apex.live
URL: https://www.apex.live/scripts/invitation.ashx?company=tyckozav
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 17:53:33 GMT
pinghandler.ashx
www.apex.live/handlers/slim/ 		48 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apex.live/handlers/slim/pinghandler.ashx?company=tyckozav&ecid=GRvvPJFxN8q2FKo2CVOm1KYV3ymK/QyuEhX6XAZKRqhlofe0fLZn/fA=&visitorId=undefined&agentAliasId=7972&operatorId=undefined&profileId=449623&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer=
Requested by
Host: www.apex.live
URL: https://www.apex.live/scripts/invitation.ashx?company=tyckozav
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
107d31aa9296b14aa7b187f9fdba6cb2803ff6610fb176c3a3dd424168d6a0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
165
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZbs6RHWlP2NbuhBnoHDweiYAgq2Dw0BPw0rlDwyN8UrgI3xZ9h8bAPC5LnQxiDj5QxzkNZ4gcUp%2FVW3LP%2FegRNB0%2B4YzbotLY2%2FxJNF1pmvzWQpTF96JSLBiLQdT8P2HDq8c0Zl5aLmsuk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
private,no-transform
cf-ray
779536f09f269baa-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 07:27:01 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-12475202-1&cid=1446352117.1671002821&jid=1744461425&gjid=2048504360&_gid=1483728786.1671002821&_u=IEBAAEAAAAAAACAAI~&z=1058393413
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fraudfighters.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fraudfighters.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.fraudfighters.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
10632
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 04:29:49 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id
LpEEphNyKwDaUOjlEXlVKNuEbMK3qWcXYg-bYRdzcwmy4ZpttK8kYA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/ 		36 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.fraudfighters.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 07:07:37 GMT
content-encoding
gzip
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1164
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-amz-cf-id
GHaG-muoGt0sMfTTRsfcpS5QAMUbv4cJiM4BFLzw9ud8XYoVr6FI_w==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3965985%252C1378274%26time%3D1671002821774%26url%3Dhttps%253A%252F%252Fwww.fraudf...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true&e_ipv6=AQKl4eERPouFhwAAAYUPh5ZSvjoQfZNdyUnblKbwXHVH41...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true&e_ipv6=AQKl4eERPouFhwAAAYUPh5ZSvjoQfZNdyUnblKbwXHVH41eEsDl-P2wihyO69RsA2SH7UH6Hl3Q_g6MwTGZPeMUdudFAZg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A3EB082797074AA9A3706BD5BF0F7958 Ref B: FRAEDGE1105 Ref C: 2022-12-14T07:27:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvxKmlLD4D9PCN0orlTQ==

Redirect headers

date
Wed, 14 Dec 2022 07:27:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6AF88BC2E2E64482897259B7AAB0F1AE Ref B: VIEEDGE1308 Ref C: 2022-12-14T07:27:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3965985%2C1378274&time=1671002821774&url=https%3A%2F%2Fwww.fraudfighters.net%2F&liSync=true&e_ipv6=AQKl4eERPouFhwAAAYUPh5ZSvjoQfZNdyUnblKbwXHVH41eEsDl-P2wihyO69RsA2SH7UH6Hl3Q_g6MwTGZPeMUdudFAZg
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvxKmjAY29sR+KDBkzhA==
token
cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/ 		36 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.fraudfighters.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 07:07:37 GMT
content-encoding
gzip
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1164
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-amz-cf-id
HAamgwshxXWLpa6J3UX_jz1H9ynW2lJ0cP5_DC3exfDJ2yyYmSzk4w==
token
cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1378274,3965985/domain/fraudfighters.net/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.fraudfighters.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
10632
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 04:29:49 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-id
7aEHkjAeJOWnJjVA_QBUlJErIGX__gvudhnhj7VhfIfpbV2_syHhGw==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
pixel
api.lawmatics.com/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.lawmatics.com/v1/pixel?id=a510da6c-7866-4063-9d91-143bf2f70b2c&uid=2-r83fnn9c-lbnbxp7t&ev=pageload&ed=&v=2&dl=https%253A%252F%252Fwww.fraudfighters.net%252F&rl=&ts=1671002820863&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Whistleblower%2520Lawyers%2520%257C%2520Healthcare%252C%2520Bank%252C%2520and%2520Securities%2520Fraud%2520%257C%2520Fraud%2520Fighters&bn=Chrome%2520108&md=false&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F108.0.5359.98%2520Safari%252F537.36&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=
Requested by
Host: navi.lawmatics.com
URL: https://navi.lawmatics.com/navi.min.js?t=1671062400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.241.113.118 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-113-118.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C204 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a74918f8cd6250072580617b40ddeaaa01e43a94cc278900a063cba0648498a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-12475202-1&cid=1446352117.1671002821&jid=1744461425&_u=IEBAAEAAAAAAACAAI~&z=1003319805
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-12475202-1&cid=1446352117.1671002821&jid=1744461425&_u=IEBAAEAAAAAAACAAI~&z=1003319805
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 07:27:01 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C204 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 07:27:01 GMT
bubble.png
apex.live//themes/skinnable/invitation/ Frame D6E3 		606 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apex.live//themes/skinnable/invitation/bubble.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4778
x-powered-by
ASP.NET
content-length
606
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
last-modified
Tue, 06 Dec 2022 08:35:38 GMT
server
cloudflare
etag
"0a981b74d9d91:0"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0Bx3HM7SYkI7gr9vqUGORQV71ue9CCpXoU%2B%2BXj%2Bg4f6rG4q9UmB9hdtv%2BYkQhqofSG23qJESasC4Ngz4aeWts5nbtUqFWmgm%2BpMHGsb6jfwk3GPcz42l55uKXwa18BElmet4WcTGA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
max-age=14400, no-transform
accept-ranges
bytes
cf-ray
779536f5993c9baa-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
icap.js
js.callrail.com/group/0/4b11b1c8dcaab040965d/12/ 		22 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/group/0/4b11b1c8dcaab040965d/12/icap.js?t=1671002822001&GoogleAnalytics__ga=GA1.2.1446352117.1671002821&ga=GA1.2.1446352117.1671002821&uuid=d157ce22-bf00-40b1-bcc2-f2765ab8a251&ids%5B%5D=946844853
Requested by
Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/946844853/4b11b1c8dcaab040965d/12/swap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-84.fra56.r.cloudfront.net
Software
/
Resource Hash
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-runtime
0.018575
date
Wed, 14 Dec 2022 07:27:02 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/"1643b5cec44cc597bc2cce3448ce5434"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
OWfKEJ7_oTZKf4z9f0HsQAa4jc865U-31OCWgvQCSHbnDBzEcfgrHA==
x-request-id
d72330f8-f9cc-4ca0-b76d-80f383c1b58b
pinghandler.ashx
apex.live/handlers/slim/ 		24 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.live/handlers/slim/pinghandler.ashx?logType=shown&visitorId=1269310340&company=tyckozav
Requested by
Host: www.apex.live
URL: https://www.apex.live/scripts/invitation.ashx?company=tyckozav
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:848 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
140
x-ua-compatible
IE=edge
request-context
appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bom4zo%2FN%2BIkCaZLzjSS%2BeRYB1ZE9bnig4psjbPwF16e5IS1%2FgnRy2V4cwOJdXiHMBi46gEmL0JoHDuCIu8JWp0X5%2BqZ1K8SPz3mTUBwJ00L%2Br79OOQZZpYj5eiBmbz3blPQreMt7Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Request-Context
cache-control
private,no-transform
cf-ray
779536f5f8babbd1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
/
www.google.com/pagead/1p-user-list/1018418463/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1018418463/?random=1671002820815&cv=9&fst=1671001200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fraudfighters.net%2F&tiba=Whistleblower%20Lawyers%20%7C%20Healthcare%2C%20Bank%2C%20and%20Securities%20Fraud%20%7C%20Fraud%20Fighters&fmt=3&is_vtc=1&random=4098991792&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1018418463/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1018418463/?random=1671002820815&cv=9&fst=1671001200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.fraudfighters.net%2F&tiba=Whistleblower%20Lawyers%20%7C%20Healthcare%2C%20Bank%2C%20and%20Securities%20Fraud%20%7C%20Fraud%20Fighters&fmt=3&is_vtc=1&random=4098991792&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 07:27:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
www.youtube.com/ Frame C204 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?uqp5TA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/108/ Frame C204 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 19:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 14 Dec 2022 19:50:35 GMT
config.json
cdn.acsbapp.com/cache/app/fraudfighters.net/ 		159 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/fraudfighters.net/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.238.215.8 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
mail.shweeng.com
Software
/
Resource Hash
b7980d9b05401770d606d88e2e3018d2e87b055240222eb024f292109d6a5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
last-modified
Wed, 14 Dec 2022 07:26:15 GMT
etag
"9f-63997a97-d2484a9bf8568c93;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
159
expires
Thu, 15 Dec 2022 07:27:02 GMT
ajax-loader.gif
www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/ajax-loader.gif
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/style-noncritical.min.css?v=1666215705
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/style-noncritical.min.css?v=1666215705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/html
cf-ray
779536fa3a74bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
placeholder.gif
www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/ 		0
0
FF-Attorneys-Composite-2022.png
www.fraudfighters.net/wp-content/uploads/2022/04/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/04/FF-Attorneys-Composite-2022.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a147ef2aea5ea0484e80d1ab75f19478cd68292b4c3eab38388df5a30df646e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=244510
content-disposition
inline; filename="FF-Attorneys-Composite-2022.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
153436
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Apr 2022 18:41:00 GMT
server
cloudflare
etag
"626adfbc-3bb1e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536fa8b19bb41-FRA
us-supreme-court-building-g6afdb2079_1920-368x155.jpg
www.fraudfighters.net/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/us-supreme-court-building-g6afdb2079_1920-368x155.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
230246d9db25ba863e09b1b31278d78c6c2139d0a6752fdeb50ab56d9e09af12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:02 GMT
cf-cache-status
HIT
age
1221
cf-polished
origSize=14915, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14450
cf-bgj
imgq:100,h2pri
last-modified
Fri, 09 Dec 2022 14:26:27 GMT
server
cloudflare
etag
"63934593-3a43"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536fb5ce0bb41-FRA
en.build.json
cdn.acsbapp.com/cache/app/ 		238 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.238.215.8 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
mail.shweeng.com
Software
/
Resource Hash
6181a9f3734287cd58b4fecf0b7e1199f34f8531f099f9ba28ab8fa31fdb737d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 15:28:04 GMT
etag
"3b8a8-63989a04-f776a7c36c953f51;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
25890
expires
Thu, 15 Dec 2022 07:27:03 GMT
Screen-Shot-2022-12-05-at-2.27.48-PM-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/Screen-Shot-2022-12-05-at-2.27.48-PM-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47703f1466f050b1e24522fc42094c829aad94b663af9c03db5d5784835461bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=73130
content-disposition
inline; filename="Screen-Shot-2022-12-05-at-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48164
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 19:28:55 GMT
server
cloudflare
etag
"638e4677-11daa"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536fc2eccbb41-FRA
Screen-Shot-2022-12-05-at-1.30.01-PM-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/Screen-Shot-2022-12-05-at-1.30.01-PM-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af9dcfe01e1988835b9d113d41956ea536b30ed257e405e546bda6b9d4206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=97850
content-disposition
inline; filename="Screen-Shot-2022-12-05-at-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58906
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 18:31:00 GMT
server
cloudflare
etag
"638e38e4-17e3a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536fcf876bb41-FRA
logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
content-encoding
br
last-modified
Mon, 26 Sep 2022 21:02:04 GMT
etag
"1034-6332134c-7705bf7dfc5e498d;br"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
1210
expires
Thu, 14 Dec 2023 07:27:03 GMT
pexels-burak-the-weekender-186461-368x155.jpg
www.fraudfighters.net/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/pexels-burak-the-weekender-186461-368x155.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e622cc24908e66b3e0d061260c3227154e05c8c2ca8d44f5cc3b8c930a531dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1222
cf-polished
origSize=11905, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8678
cf-bgj
imgq:100,h2pri
last-modified
Tue, 04 Oct 2022 20:13:35 GMT
server
cloudflare
etag
"633c93ef-2e81"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536fdda1fbb41-FRA
Whistleblower-Laws-368x155.webp
www.fraudfighters.net/wp-content/uploads/2022/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/Whistleblower-Laws-368x155.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f20064287013b19f6c5d0131714e6c7e4baf1758056207f9d0214643cffff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 16:33:44 GMT
server
cloudflare
age
1222
etag
"637510e8-1d6e"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536feabbfbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7534
tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/11/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f913ebbd1ce279e8c5415bdd340888b3c8b9b7f93a7b51c458d672bc5b157ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1221
cf-polished
origFmt=png, origSize=73757
content-disposition
inline; filename="tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60924
cf-bgj
imgq:100,h2pri
last-modified
Thu, 10 Nov 2022 14:46:53 GMT
server
cloudflare
etag
"636d0edd-1201d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779536ff7d90bb41-FRA
matt-bero-Psb3lhbiyac-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/11/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/matt-bero-Psb3lhbiyac-unsplash780-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf9c7672edd0b8944d206a57ee5f082c53fc5940fb31e4d309ec3cc128e0fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1221
cf-polished
origFmt=png, origSize=112681
content-disposition
inline; filename="matt-bero-Psb3lhbiyac-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81324
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 14:17:13 GMT
server
cloudflare
etag
"636a64e9-1b829"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779537005f3dbb41-FRA
word-writing-text-government-contract-business-concept-agreement-process-to-sell-services-administration-130134302-368x155.jpeg
www.fraudfighters.net/wp-content/uploads/2022/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/word-writing-text-government-contract-business-concept-agreement-process-to-sell-services-administration-130134302-368x155.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3133652ae2cf0f1294e53fc638d0f8f52ff53e4bf3b562d9311c9684449bb578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:03 GMT
cf-cache-status
HIT
age
1221
cf-polished
origSize=13305, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12952
cf-bgj
imgq:100,h2pri
last-modified
Wed, 26 Oct 2022 20:55:46 GMT
server
cloudflare
etag
"63599ed2-33f9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7795370128d7bb41-FRA
robert-stemler-VtMdZFGCWuI-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/robert-stemler-VtMdZFGCWuI-unsplash780-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df69852ba7afceae5b46085fec8dae38d18422f04102becd80c8be1e16a136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=51276
content-disposition
inline; filename="robert-stemler-VtMdZFGCWuI-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29236
cf-bgj
imgq:100,h2pri
last-modified
Tue, 25 Oct 2022 12:50:28 GMT
server
cloudflare
etag
"6357db94-c84c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779537020a9ebb41-FRA
mockup-graphics-i1iqQRLULlg-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/10/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/mockup-graphics-i1iqQRLULlg-unsplash780-368x155.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
631e06ba4d16dc09aa8f85c3cc291aaeb19fbc7366bd82e277e4d7a745785e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1221
cf-polished
origFmt=png, origSize=68402
content-disposition
inline; filename="mockup-graphics-i1iqQRLULlg-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45320
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Oct 2022 13:40:53 GMT
server
cloudflare
etag
"63514fe5-10b32"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77953702dc56bb41-FRA
log_event
www.youtube.com/youtubei/v1/ Frame C204 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e96685ea/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
X-Goog-Request-Time
1671002824223
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/0i9BGqcJWo4?feature=oembed
X-YouTube-Client-Version
1.20221211.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtkcWZyVkU2U1hxZyjE9eWcBg%3D%3D
X-YouTube-Ad-Signals
dt=1671002820905&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C671%2C377&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 14 Dec 2022 07:27:04 GMT
us-supreme-court-building-g6afdb2079_1920-368x155.jpg
www.fraudfighters.net/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/us-supreme-court-building-g6afdb2079_1920-368x155.jpg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
230246d9db25ba863e09b1b31278d78c6c2139d0a6752fdeb50ab56d9e09af12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1223
cf-polished
origSize=14915, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14450
cf-bgj
imgq:100,h2pri
last-modified
Fri, 09 Dec 2022 14:26:27 GMT
server
cloudflare
etag
"63934593-3a43"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77953703addfbb41-FRA
Screen-Shot-2022-12-05-at-2.27.48-PM-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/Screen-Shot-2022-12-05-at-2.27.48-PM-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47703f1466f050b1e24522fc42094c829aad94b663af9c03db5d5784835461bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1223
cf-polished
origFmt=png, origSize=73130
content-disposition
inline; filename="Screen-Shot-2022-12-05-at-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48164
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 19:28:55 GMT
server
cloudflare
etag
"638e4677-11daa"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779537047fcebb41-FRA
Screen-Shot-2022-12-05-at-1.30.01-PM-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/12/Screen-Shot-2022-12-05-at-1.30.01-PM-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af9dcfe01e1988835b9d113d41956ea536b30ed257e405e546bda6b9d4206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1223
cf-polished
origFmt=png, origSize=97850
content-disposition
inline; filename="Screen-Shot-2022-12-05-at-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58906
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 18:31:00 GMT
server
cloudflare
etag
"638e38e4-17e3a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7795370559cfbb41-FRA
pexels-burak-the-weekender-186461-368x155.jpg
www.fraudfighters.net/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/pexels-burak-the-weekender-186461-368x155.jpg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e622cc24908e66b3e0d061260c3227154e05c8c2ca8d44f5cc3b8c930a531dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1223
cf-polished
origSize=11905, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8678
cf-bgj
imgq:100,h2pri
last-modified
Tue, 04 Oct 2022 20:13:35 GMT
server
cloudflare
etag
"633c93ef-2e81"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779537062b6ebb41-FRA
Whistleblower-Laws-368x155.webp
www.fraudfighters.net/wp-content/uploads/2022/11/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/Whistleblower-Laws-368x155.webp
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f20064287013b19f6c5d0131714e6c7e4baf1758056207f9d0214643cffff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 16:33:44 GMT
server
cloudflare
age
1223
etag
"637510e8-1d6e"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77953706fd4cbb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7534
mg__7972.png
agent-alias.s3.us-east-2.amazonaws.com/ Frame 1AFA 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://agent-alias.s3.us-east-2.amazonaws.com/mg__7972.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.101.34 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
26437bd7545457a94a6be2ba29e2079c688b4aa140468867ae47f4d235279f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 07:27:06 GMT
Last-Modified
Mon, 11 Apr 2022 22:37:58 GMT
Server
AmazonS3
x-amz-request-id
B8WJ03F0YGT418G3
ETag
"2f0478aba536dddb686a3e365566f7bb"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
51469
x-amz-id-2
TQuhRwNnt1Reds5rMXFrPKoAyi1MYEm3vtI0CN07369+1rYMIfosraZaiYfG7Tr/+bc1XEvHU54=
tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/11/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f913ebbd1ce279e8c5415bdd340888b3c8b9b7f93a7b51c458d672bc5b157ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:04 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=73757
content-disposition
inline; filename="tim-bechervaise-vxxI0jBmkJM-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60924
cf-bgj
imgq:100,h2pri
last-modified
Thu, 10 Nov 2022 14:46:53 GMT
server
cloudflare
etag
"636d0edd-1201d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77953707df18bb41-FRA
matt-bero-Psb3lhbiyac-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/11/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/11/matt-bero-Psb3lhbiyac-unsplash780-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf9c7672edd0b8944d206a57ee5f082c53fc5940fb31e4d309ec3cc128e0fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:05 GMT
cf-cache-status
HIT
age
1223
cf-polished
origFmt=png, origSize=112681
content-disposition
inline; filename="matt-bero-Psb3lhbiyac-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81324
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 14:17:13 GMT
server
cloudflare
etag
"636a64e9-1b829"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77953708a8e1bb41-FRA
word-writing-text-government-contract-business-concept-agreement-process-to-sell-services-administration-130134302-368x155.jpeg
www.fraudfighters.net/wp-content/uploads/2022/10/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/word-writing-text-government-contract-business-concept-agreement-process-to-sell-services-administration-130134302-368x155.jpeg
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3133652ae2cf0f1294e53fc638d0f8f52ff53e4bf3b562d9311c9684449bb578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:05 GMT
cf-cache-status
HIT
age
1223
cf-polished
origSize=13305, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12952
cf-bgj
imgq:100,h2pri
last-modified
Wed, 26 Oct 2022 20:55:46 GMT
server
cloudflare
etag
"63599ed2-33f9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
779537097a82bb41-FRA
robert-stemler-VtMdZFGCWuI-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/robert-stemler-VtMdZFGCWuI-unsplash780-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df69852ba7afceae5b46085fec8dae38d18422f04102becd80c8be1e16a136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:05 GMT
cf-cache-status
HIT
age
1223
cf-polished
origFmt=png, origSize=51276
content-disposition
inline; filename="robert-stemler-VtMdZFGCWuI-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29236
cf-bgj
imgq:100,h2pri
last-modified
Tue, 25 Oct 2022 12:50:28 GMT
server
cloudflare
etag
"6357db94-c84c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7795370a5c38bb41-FRA
mockup-graphics-i1iqQRLULlg-unsplash780-368x155.png
www.fraudfighters.net/wp-content/uploads/2022/10/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fraudfighters.net/wp-content/uploads/2022/10/mockup-graphics-i1iqQRLULlg-unsplash780-368x155.png
Requested by
Host: www.fraudfighters.net
URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/js/scripts.min.js?ver=1664418376
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
631e06ba4d16dc09aa8f85c3cc291aaeb19fbc7366bd82e277e4d7a745785e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fraudfighters.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:27:05 GMT
cf-cache-status
HIT
age
1222
cf-polished
origFmt=png, origSize=68402
content-disposition
inline; filename="mockup-graphics-i1iqQRLULlg-unsplash780-368x155.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45320
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Oct 2022 13:40:53 GMT
server
cloudflare
etag
"63514fe5-10b32"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7795370b2de3bb41-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fraudfighters.net
URL
https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/images/placeholder.gif

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| script string| target object| elem string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| dataLayer object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| google_tag_manager object| regeneratorRuntime object| ccConsole boolean| ccinstalled function| CallTrkSwap object| CallTrk function| lm_navi object| cnArgs function| $ function| jQuery function| _typeof number| activeScreenPercentage object| sections function| jp_checkInView boolean| switched function| updateTables function| splitTable function| unsplitTable function| setCellHeights object| jp_jump_links function| jp_jump_link_cb number| $breakpoint__navHamburger function| stickyHeader function| adjustMobileMenuHeight function| closeMobileMenu function| taoti_set_header_height_css boolean| taoti_header_height_timeout function| taoti_parents function| taoti_fonts_active_cb object| accordionExpandAll number| _i3 function| onClick_accordionExpandAll object| fieldGroupToggles number| _i6 function| taoti_fieldGroupToggles_cb object| checkAllCheckboxes number| _i7 function| taoti_checkAllCheckboxes_cb object| clearFilterButtons number| _i9 function| taoti_clearFilterButtons_cb object| homeCtaSections number| _i11 function| homeCtaSection_onClick object| videoPlayButton function| onClick_videoPlayButton object| lazySizesConfig function| hoverintent number| jp_lastScrollTop string| jp_scrollDirection object| lazySizes object| WebFont object| theme function| onClick_homeVideoPlayButton function| onClick_jumpSection function| kp_get_section_positions_cb function| kp_determine_active_menu_item object| _this function| printStackTrace function| printStackTraceLimited number| _scriptId string| ApexChatBetaUrl string| ApexChatBaseUrl number| ApexChatDefaultLogLevel object| CompanyLevelBlockedPages object| CompanyLevelSettings object| CompanyContextRequest string| ApexChatCompanyKey object| jQQ object| ApexChat function| ApexLogger object| AnalyticsCategories object| AnalyticsEvents object| ApexChatTimeTracker object| NS function| ApexChatClass function| qs function| qsa function| $on function| $delegate function| $parent boolean| _already_called_lintrk function| ApexChatJquery function| apexchat_tab_invitation_client object| apexchat_event_cache string| ref_domain string| ref_path string| ref_search function| apexchat_prechat_invitation_client function| apexchat_dompopup_chatwindow_client object| jQuery171019170736079213735 boolean| isDraggable function| apexchat_exitpopup2_chatwindow_client function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _0x3d16 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _0x5e69 object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners function| EJSCustomEvent function| getCountryCode

34 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 4Ve_eFsYG9A
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: dqfrVE6SXqg
.fraudfighters.net/ Name: _ga
Value: GA1.2.1446352117.1671002821
.fraudfighters.net/ Name: _gid
Value: GA1.2.1483728786.1671002821
.fraudfighters.net/ Name: _gat
Value: 1
.fraudfighters.net/ Name: calltrk_referrer
Value: direct
.fraudfighters.net/ Name: calltrk_landing
Value: https%3A//www.fraudfighters.net/
.fraudfighters.net/ Name: calltrk_session_id
Value: d157ce22-bf00-40b1-bcc2-f2765ab8a251
www.fraudfighters.net/ Name: apexchat_dropdown_invitation
Value: _max
www.fraudfighters.net/ Name: livechat_v3_invitation_shown
Value: true
www.fraudfighters.net/ Name: livechat_is_page_refreshed
Value: false
www.fraudfighters.net/ Name: livechat_original_referrer
Value:
www.fraudfighters.net/ Name: livechat_agent_alias_id
Value: 7972
www.fraudfighters.net/ Name: livechat_operator_id
Value: undefined
www.fraudfighters.net/ Name: livechat_profile_id
Value: 449623
www.fraudfighters.net/ Name: livechat_visitor_id
Value: 1269310340
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.fraudfighters.net/ Name: livechat_invitation_traffic_sources
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26campaignId%3D%26overwritetrafficsource%3Dtrue%26date%3D20221214
www.fraudfighters.net/ Name: apexchat_dompopup_chatwindow
Value: _rendered
www.fraudfighters.net/ Name: __lm_navi_uid
Value: 2-r83fnn9c-lbnbxp7t
www.fraudfighters.net/ Name: apexchat_tab_invitation
Value: _max
.linkedin.com/ Name: UserMatchHistory
Value: AQK3wdlpiwap6gAAAYUPh5UK3B4IaJZBUqv3F_l94sLi4stUPPmrF05ZONT-SKv2AreTxjUbKajcPw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKdHeq72TQ0KAAAAYUPh5UK7F2a16ynqaMWQQv1kFRW2kHUFt5jNlozU902JbTALJKOUIGPlJcS8xxADsp4cg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6e7f9161-e6bf-46e4-8007-e47d4dddb2b3"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2803:u=1:x=1:i=1671002821:t=1671089221:v=2:sig=AQGsu1E0Yi3WwEGobc7EITZfl1YNnWlj"
.www.fraudfighters.net/ Name: ln_or
Value: d
www.fraudfighters.net/ Name: livechat_visitLogged
Value: true
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221214072702f31dc41c-ac8b-4364-8dfd-c387492e26b7AQEQ-cfUXeWbvR5NgFVpq5pOwSigiqYs"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzEwMDI4MjI7MjswMjGH452PrBgzWUpo5h9QgsEWmXAjKP6w4Ybu5dK6uCke8g==
api.lawmatics.com/ Name: AWSALBCORS
Value: +8OYcInQ6LfHVnPFV0dPnrIY2Qv983vrOmfwuGVnCC1Uoj8Fhqxd0I/NiNzXflWsp7fWCmac3Zq9ckmOBTX7yJd4/LF3odGpq1ciDVC9+c5Sk4zTv7qWQRrwc6hn
www.fraudfighters.net/ Name: livechat_prechat_lastmessage
Value: %7B%22index%22%3A0%2C%22duration%22%3A3000%7D
www.fraudfighters.net/ Name: apexchat_prechat_invitation
Value: _max

1 Console Messages

Source Level URL
Text
network error URL: https://www.fraudfighters.net/wp-content/themes/tz-legal-theme/styles/css/ajax-loader.gif
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
agent-alias.s3.us-east-2.amazonaws.com
ajax.googleapis.com
apex.live
api.lawmatics.com
cdn.acsbapp.com
cdn.callrail.com
cdn.linkedin.oribi.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.callrail.com
navi.lawmatics.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
web1.acsbapp.com
www.apex.live
www.clickcease.com
www.fraudfighters.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
www.fraudfighters.net
104.238.215.8
13.107.42.14
13.32.27.107
13.32.27.84
138.128.247.123
141.193.213.20
142.250.186.34
2001:4860:4802:38::178
2600:9000:206f:6e00:2:53b2:240:93a1
2600:9000:206f:9800:15:a0d3:77c0:93a1
2606:4700:20::681a:848
2606:4700:20::ac43:467a
2620:1ec:22::14
2a00:1450:4001:801::2016
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9c
2a02:26f0:3500:16::215:149b
52.219.101.34
54.241.113.118
83.229.67.229
99.86.4.16
07589e57d51bd69549539e1a5eeea998c9b17f9fcd25948b4abf32ddfe38d805
09a4d772733a05a9611b5f5957b0b2af2b6c6b3937491e1a1f32092cd1f937b8
0c1ad45f74254d3a2a330644a962a74b1aa090b8e454f0b47bc737d684d63837
0c6f790cdfb30ee6ea13ff8325f0c17fb70f269e24ccf5152b3bc83c5bba1d2a
0e97ac44670c17ba4d13b4ac82f1c5345acc7f15ccf08acc9b6e842900fbbcc7
107d31aa9296b14aa7b187f9fdba6cb2803ff6610fb176c3a3dd424168d6a0f3
142b541f178970764805cb07c21125a78cd9a5aa1513d8ca67a5a25148dddb23
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
184b9e38d0ac290f25beb618aab4e34ae8fd4e8624666e6d044bed41d6f9f8cf
188df28d9a43df9305e789776e4eed7f4afdd7c1d391dc5706d816af46554ede
1a9574b903d2be44dec2888e2d94199e502b9d6db025584a37c0cc124746988d
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
230246d9db25ba863e09b1b31278d78c6c2139d0a6752fdeb50ab56d9e09af12
260d3a8398bf730221c2857c3b56b3ce295accc3e5d1ebd971595e0b2757dfdb
26437bd7545457a94a6be2ba29e2079c688b4aa140468867ae47f4d235279f78
2715d7400fc9d49eca775ec3a8814267b28be978f14edc9f4458ae9789605a38
2f698167d3fe17ec510057f9bc1e560fc5287334dcb22fd5e3b9f3030d09e476
3133652ae2cf0f1294e53fc638d0f8f52ff53e4bf3b562d9311c9684449bb578
31fe4febeb4cc639f91f57ad50008a02cc15d99ddc7599a92b63b280bccd4b85
33ea22a80e4a9c57a6cd53147bfee992e3bd6de7663afe15969f9e9e965fb969
38cd9473808d867e421bb58518b2e7e5ff0c091a656340f8777dce4693f0543c
3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e622cc24908e66b3e0d061260c3227154e05c8c2ca8d44f5cc3b8c930a531dc
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232
47703f1466f050b1e24522fc42094c829aad94b663af9c03db5d5784835461bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
51f3ebfe41d11eab7706afe65201434799048af4c2db78276f6194435c12d672
554b8325c9064b050d113d327df6699d54bf4adb591ba952fc32e0a292b1f74b
55f20064287013b19f6c5d0131714e6c7e4baf1758056207f9d0214643cffff6
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5eee1bc0d03165ecdd380a9f7c30355b3b6ea1ce09276f84e90f2c6ec0d8f8d2
60887c43fc31ef1febaab0613718268004717fa19152e83f9530b168eb929f04
6181a9f3734287cd58b4fecf0b7e1199f34f8531f099f9ba28ab8fa31fdb737d
631e06ba4d16dc09aa8f85c3cc291aaeb19fbc7366bd82e277e4d7a745785e96
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
656571e322cfc16aec200a80b47fda26ea374f51e25f6b149d5814408aaf82ff
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680af9dcfe01e1988835b9d113d41956ea536b30ed257e405e546bda6b9d4206
6ffde1acbfdb7044878bcf969f76aedd6223524da7053faf36dc613257477416
758518799295d2081d50b64b0a0ee10bf80382f5b636b0c69fe3d59c8f9a7ea3
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d03c79e2285db0657aa65f5c54b9561a92049d2086e6298d7b19e8a46e1836a
812df9c32374111ebd59adab63623b3a43aaf6ea6d676b9d14f30d3420e44586
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8bf7044c50d9216f1ab29b2f65b9f0b17470d1b193a2b7b70d3dc674297ef0f1
92f247497b41d3c4f28e263e41817f9c9a5c30433c2d322233654049831cc3c8
9e23912df68188893223625c57f988f8e371b183fcf9f05d2fcfcff94a9422d6
a147ef2aea5ea0484e80d1ab75f19478cd68292b4c3eab38388df5a30df646e4
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a3d4e4df1a279d406ceb4a315b794294bb0100bda346c132d6f3d74167b6fcd8
a3fdeefcd0da4d42c80f0470737bd7a04798773dffbb32f48cdfe82f68c4bb25
a491c56726826ca847ad1bf4e52b42c9b45fc1892491b954f3d14eed4da49580
a4d2aff87094a5c1dde93cd8ca2fcea1eb91a53d0c62e79e0121431da531311d
a74918f8cd6250072580617b40ddeaaa01e43a94cc278900a063cba0648498a4
aad82bcd03479151132811a61c6d33c40aaae5f11ee9652e463656069327ea93
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6cd8f8d309e3832279dc6284eb2ad048287d2ad1c8e1ecaeee0145a97929e55
b7980d9b05401770d606d88e2e3018d2e87b055240222eb024f292109d6a5705
ba7eef81c1b81bfba6ae3137cd7c58c3f65dcce009fe916f24d7dfec23e77c9d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2fe6cc4a7b81af35f8e54142b46360a0aaa6045db769504b4a706a8bb9692d2
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c6df69852ba7afceae5b46085fec8dae38d18422f04102becd80c8be1e16a136
cb7a8ab565840ac35e4e199fb2e3de7eac157cf613d7f7603b6acffd3a414da2
cbf08af462cd3286630ca3b795439b9e8780eaf9fc599584a5004f3a103b8d0b
cfa0319a669e797a367f18a94fdcfa195a95840e3b3f8d1c2331b053279b514c
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d58c060cf169838bef56141d45517cdb20a875d6ca86a3b96ad8a6fea2dbbfd7
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0664341de6042c0eac81fbd58a704c7bca979489b22f0d5ab6cc944be4f98b3
e0a0fad619b9c417b66ae838ab0d51c1b34915aeb617e335f6d0d485bd5b74a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e835ef011b2157493a184a95a4bb37337b558b342f1a3f87118f3be15f5ac50e
eaf9c7672edd0b8944d206a57ee5f082c53fc5940fb31e4d309ec3cc128e0fd5
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76
edefa770ab981098708e9dd63e7dbdd9ec025b1eab5520e43853789e13e3433e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09aaa074e7fb50071ebca46693853fc79a54ce6f162e30b47b44563973b619e
f19f656dbb9200aa6cae2b6ae01fcb162c03c0738be116c35d9549c93b7398b6
f1ada2053af85b05950a3eca3be690c1f74edaf97f720d4d4bd3b9e9b5350214
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f913ebbd1ce279e8c5415bdd340888b3c8b9b7f93a7b51c458d672bc5b157ac2
fb3f11eece3220e58fa80ba30770bde0188050a4e27911da019396cd9c5bc859