URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Submission: On September 24 via api from US

Summary

This website contacted 25 IPs in 6 countries across 22 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6811:88b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.securedtouch.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.
This is the only time blog.securedtouch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:233... 15133 (EDGECAST)
1 2 82.166.213.108 1680 (NV-ASN CE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
4 93.184.220.66 15133 (EDGECAST)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 216.58.207.66 15169 (GOOGLE)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
63 25
Requests | Domain | Requested by
20 | blog.securedtouch.com | blog.securedtouch.com
6 | fonts.gstatic.com | blog.securedtouch.com
4 | platform.twitter.com | blog.securedtouch.com, platform.twitter.com
4 | connect.facebook.net | blog.securedtouch.com, connect.facebook.net
3 | track.hubspot.com |
3 | www.facebook.com | blog.securedtouch.com, connect.facebook.net
2 | px.ads.linkedin.com (1 redirects) | blog.securedtouch.com
2 | snap.licdn.com | blog.securedtouch.com, snap.licdn.com
2 | cdn2.hubspot.net | blog.securedtouch.com
2 | cdnjs.cloudflare.com | blog.securedtouch.com
2 | secured.devurl.net (1 redirects) | blog.securedtouch.com
1 | forms.hubspot.com | js.hsleadflows.net
1 | syndication.twitter.com | blog.securedtouch.com
1 | www.google.de | blog.securedtouch.com
1 | www.google.com | blog.securedtouch.com
1 | googleads.g.doubleclick.net | www.googleadservices.com
1 | www.linkedin.com (1 redirects) |
1 | js.hs-banner.com | blog.securedtouch.com
1 | js.hs-analytics.net | blog.securedtouch.com
1 | js.hsleadflows.net | blog.securedtouch.com
1 | js.hsadspixel.net | blog.securedtouch.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | app.hubspot.com | blog.securedtouch.com
1 | www.youtube.com | blog.securedtouch.com
1 | www.googletagmanager.com | blog.securedtouch.com
1 | lh3.googleusercontent.com | blog.securedtouch.com
1 | platform.linkedin.com | blog.securedtouch.com
63 | 27 |
Subject | Issuer | Validity | Valid
blog.securedtouch.com | Cloudflare Inc ECC CA-3 | 2020-07-17 - 2021-07-17 | a year
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2021-10-14 | 2 years
secured.devurl.net | cPanel, Inc. Certification Authority | 2020-02-18 - 2020-05-18 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
hubspot.net | Cloudflare Inc ECC CA-3 | 2020-07-03 - 2021-07-03 | a year
*.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-09-11 - 2020-12-10 | 3 months
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year
www.googleadservices.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-17 - 2021-08-17 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-08-05 - 2021-02-05 | 6 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
www.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
www.google.de | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year

This page contains 5 frames:

Primary Page: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Frame ID: 006ECB276676008379558A716F791E51
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/T66Mi6UaQE0
Frame ID: BAA8EF0345A32160697A3D3F1B603FA5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fblog.securedtouch.com
Frame ID: 85420BCB8A3B2256BE23153F1AECAA22
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
Frame ID: 269C4D8C09B49659FE60DF2BDD9255E4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f462778adda%26domain%3Dblog.securedtouch.com%26origin%3Dhttps%253A%252F%252Fblog.securedtouch.com%252Ff1f3c63f7179504%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: 36862D73A6436BAFD7E9BD15168EAD42
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.linkedin\.com\/in\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 63
HTTPS: 98 %
IPv6: 85 %
Domains: 22
Subdomains: 27
IPs: 25
Countries: 6
Transfer: 5175 kB
Size: 7114 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://secured.devurl.net/wp-content/themes/secured/images/close_icon.png HTTP 302
  • https://secured.devurl.net/cgi-sys/suspendedpage.cgi
Request Chain 45
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120330%26time%3D1600965025564%26url%3Dhttps%253A%252F%252Fblog.securedtouch.com%252Fbreaking-down-fraud-flows-credential-stuffing%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&liSync=true

63 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request breaking-down-fraud-flows-credential-stuffing
blog.securedtouch.com/
71 KB
15 KB
Document
General
Full URL
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
00d2497bb3cb8e9c5e51fcd6c74ebc96aa86a6764b68ae1e04a302510fa44dd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
blog.securedtouch.com
:scheme
https
:path
/breaking-down-fraud-flows-credential-stuffing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 24 Sep 2020 16:30:25 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d93bc318909e48612cbb786a367a23a191600965025; expires=Sat, 24-Oct-20 16:30:25 GMT; path=/; domain=.blog.securedtouch.com; HttpOnly; SameSite=Lax __cfruid=0642cb9b5d61d4024bc521ebe065a80618c7aa74-1600965025; path=/; domain=.blog.securedtouch.com; HttpOnly; Secure; SameSite=None
cf-ray
5d7de3cedd511f39-FRA
age
3651
cache-control
s-maxage=7200,max-age=5
link
</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css>; rel=preload; as=style, </_hcms/forms/v2.js>; rel=preload; as=script, </hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>; rel=preload; as=script
strict-transport-security
max-age=0
vary
Accept-Encoding
cf-cache-status
HIT
access-control-allow-credentials
false
cf-request-id
05628cb54a00001f399f154200000001
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-18417995736,CG-2758303,P-2758303,L-5008782881,L-5008972571,L-5008973921,E-5005979475,E-5008824861,E-5008987373,MENU-10745871832,PGS-ALL,SW-0,B-5008986045,GC-34666763485
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id
2c6eff7f-e808-4a10-ac7f-aab8127c0020
x-hs-content-id
18417995736
x-hs-hub-id
2758303
x-powered-by
HubSpot
x-trace
2B58666D0DB096E7FE2A338C1B707B4868A15D60D1000000000000000000
server
cloudflare
content-encoding
br
cf-h2-pushed
</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css>,</_hcms/forms/v2.js>,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>
project.js
blog.securedtouch.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/
2 KB
631 B
Script
General
Full URL
https://blog.securedtouch.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 e004b21574888e2383bc40e183527f93.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
24169
x-amz-server-side-encryption
AES256
cf-ray
5d7de3cfaf1e1f39-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05628cb5c400001f399f15a200000001
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
rkeC4Fmw61dZAYa9bT2vdXu2az0SbbWcg56yABRdyQX4y_qDrNDD6A==
combined-css-190d630d1ff443fa7eef7301cab09b15.css
blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/
117 KB
23 KB
Stylesheet
General
Full URL
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da450e99a80baf6e91b0f04fa6404926679aceda93618ced9bfbea554ad6a6cd

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 a251e31740a6e166e8fdccf296c41645.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
12
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
IAD89-C1
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
0F1771A2B75C10F5
x-amz-id-2
Je5UtWGJgYRCyDiSxsVgJMvr6CieY25P/VsHZp9dBE991H1wTPLvWpDd3vBo7I0ZQ/jc+oNyEGU=
last-modified
Mon, 24 Aug 2020 23:32:40 GMT
server
cloudflare
etag
W/"190d630d1ff443fa7eef7301cab09b15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1598311959809
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
2DAUjDRxt8rxqh0dEJTf0jOMmvHSW5aY
cf-request-id
05628cb5c400001f399f15b200000001
cf-ray
5d7de3cfaf211f39-FRA
x-amz-cf-id
50kvgESvzuqbkcekmyahm117eiXOmMsfiAC3TsRNzrrqonaBjXVnPQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
v2.js
blog.securedtouch.com/_hcms/forms/
472 KB
118 KB
Script
General
Full URL
https://blog.securedtouch.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c168c4c2b57ce0bd26874763d799bd446002204dac6f96ab81e12efdc7974242

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 077f711c23b8630fba0cd55c24dd3124.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
12
x-amz-server-side-encryption
AES256
cf-ray
5d7de3cfaf241f39-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05628cb5c400001f399f15c200000001
last-modified
Thu, 17 Sep 2020 03:08:01 UTC
server
cloudflare
etag
W/"cd6b67c54502c08c86d7650fd1fd770c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
4RPYMtP0cEaOXUe62hbvEkB4y3JYanbQ
cache-control
s-maxage=600, max-age=0
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Tkck2wRtIPD8RLu7yx3OE0rmH6RrQ_THIqkY2h2xzWAV8Vyxf2B3Cg==
index.js
blog.securedtouch.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/
10 KB
4 KB
Script
General
Full URL
https://blog.securedtouch.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 e93e34046c3a3d7fb416e8e0d71d2ff3.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
24169
x-amz-server-side-encryption
AES256
cf-ray
5d7de3cfaf251f39-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05628cb5c400001f399f15d200000001
last-modified
Mon, 14 Sep 2020 20:19:23 GMT
server
cloudflare
etag
W/"e669ca94e2fffafc96a88184dda30834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CCr-T9sjQ5tS82SMeiRJWWnuk8Q_6Rz4DoTriLolOtYfnvnL27RwUg==
jquery-1.7.1.js
blog.securedtouch.com/hs/hsstatic/jquery-libs/static-1.1/jquery/
92 KB
32 KB
Script
General
Full URL
https://blog.securedtouch.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 7ff806af6d25cdaec01063add992fe27.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
3649
cf-ray
5d7de3cfbf581f39-FRA
x-cache
Hit from cloudfront
status
200
content-encoding
br
cf-request-id
05628cb5d500001f399f15f200000001
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
YxhVqBUhOHJ33xSt05e2C2LYXhWjelw7TTWegrcZkBY96c6OENsl5A==
in.js
platform.linkedin.com/
181 KB
182 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
ca496980f053a2645d65d70105e801b4c84c81febf062416c2e25ddc7c5ad191

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
471
x-cache
HIT
status
200
x-cdn-proto
HTTP2
content-length
185763
x-li-uuid
UGPjxMfENxaQnBOgoisAAA==
server
ECAcc (frc/8F0A)
last-modified
Thu, 24 Sep 2020 16:22:34 GMT
x-li-pop
prod-edc2
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lva1
expires
Thu, 24 Sep 2020 17:22:34 GMT
Logo_270-1.png
blog.securedtouch.com/hs-fs/hubfs/Secured%20April2017/Images/
3 KB
4 KB
Image
General
Full URL
https://blog.securedtouch.com/hs-fs/hubfs/Secured%20April2017/Images/Logo_270-1.png?width=270&height=61&name=Logo_270-1.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e2cd2a0eeab4924cf7b417e6773b963f094ef26ae46e3f9c427ffa5c977311

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f9.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
24165
cf-polished
origFmt=png, origSize=4439
edge-cache-tag
F-5006036165,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="Logo_270-1.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-length
3490
cf-request-id
05628cb61400001f399f16e200000001
x-cache
RefreshHit from cloudfront
last-modified
Sat, 07 Oct 2017 16:28:42 GMT
server
cloudflare
etag
"656556a34ec22cc9a4a8355a1eaae8b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
5d7de3d0281d1f39-FRA
x-amz-cf-id
6f18bfjbzMtRkDYDXNusMMulbIGwMbl6WTjPJpm4Rep3nslESkOupQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
suspendedpage.cgi
secured.devurl.net/cgi-sys/
Redirect Chain
  • https://secured.devurl.net/wp-content/themes/secured/images/close_icon.png
  • https://secured.devurl.net/cgi-sys/suspendedpage.cgi
0
0
Image
General
Full URL
https://secured.devurl.net/cgi-sys/suspendedpage.cgi
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.166.213.108 Nesher, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
82.166.213.108.fix.netvision.net.il
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status
302
date
Thu, 24 Sep 2020 16:30:25 GMT
server
Apache
content-length
236
location
https://secured.devurl.net/cgi-sys/suspendedpage.cgi
content-type
text/html; charset=iso-8859-1
SecuredTouch_April_2017_Script.js
blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/5008824861/1569527884334/Custom/page/Secure_Touch_Blog_April_2017/
3 KB
1 KB
Script
General
Full URL
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/5008824861/1569527884334/Custom/page/Secure_Touch_Blog_April_2017/SecuredTouch_April_2017_Script.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9acb94cb1f1ac7f6cb4a3d7c8f5011162bed6aee59d3e14ff667284bd0c86ea3

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
11
x-cache
RefreshHit from cloudfront
status
200
x-amz-cf-pop
IAD89-C1
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
F11BC289AF93BE72
x-amz-id-2
f60AQhRLoMvS0BclfG2h7TpOv4qtW3921PhLB1jI5n5jFl+KiOKZBHNAeotgZSj835HuyG14tdw=
last-modified
Thu, 26 Sep 2019 19:58:05 GMT
server
cloudflare
etag
W/"1ea458c221a8b44f2aa439ca263b8c4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
idQx6kLRhxBXz3YTUta1HI.NBsAeIq8e
cf-request-id
05628cb5f600001f399f169200000001
cf-ray
5d7de3cfffd71f39-FRA
x-amz-cf-id
EOe2wITGs8pQJ0uiNZKWReKHilxC0-Qb8axD7upe8hTyXz3d3iqUqw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
hands-coffee-smartphone-technology.jpg
blog.securedtouch.com/hubfs/Secured%20April2017/Images/
1 MB
1 MB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/Secured%20April2017/Images/hands-coffee-smartphone-technology.jpg
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385ce7c2b89745788cd4d80d48a0a7b5ea057e25fc9e2a302e95332d924c5def

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-5009003464,P-2758303,FLS-ALL
age
24063
cf-polished
qual=85, origFmt=jpeg, origSize=3464576
edge-cache-tag
F-5009003464,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="hands-coffee-smartphone-technology.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
84C4C66A70ABF4EA
cf-request-id
05628cb61500001f399f16f200000001
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
last-modified
Sat, 07 Oct 2017 16:28:46 GMT
server
cloudflare
etag
"0675a0a595e723a63529b2d2d0f91736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
x-amz-id-2
tLTDxmLn2s/m0U1TPi0Be6VW4Rc73Luh047ZPVytcomnTTxoc1mhRJQ3ceXW3WxsmXnM7y2Piao=
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
FyacsJiUWvxszc6Tv9O52juXkOQ5g.pm
x-amz-cf-pop
FRA50-C1
content-length
1148736
cf-ray
5d7de3d0281f1f39-FRA
x-amz-cf-id
U7flMah02POx6_4wxZzClkmCkB4PzGAgWxo12n_OlTTE2liflUzvMA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
A1tNxXzoZNjVA2JXipsQ47OGTyXZcKo0-R70hYYMeAya_vbNZyxNAQLOHyoLWmNkY5RgcCqt-OEC_A9WN5hTfALdSeRlna7K7WFqosNWvA3ZxW_6JcjXOnztchwQdo40fwAdeQwX
lh3.googleusercontent.com/
286 KB
287 KB
Image
General
Full URL
https://lh3.googleusercontent.com/A1tNxXzoZNjVA2JXipsQ47OGTyXZcKo0-R70hYYMeAya_vbNZyxNAQLOHyoLWmNkY5RgcCqt-OEC_A9WN5hTfALdSeRlna7K7WFqosNWvA3ZxW_6JcjXOnztchwQdo40fwAdeQwX
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
73030f0146cf2c5736a8eae428e5f9a726b1a7715bea2db41bfb53913ac1fad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 15:29:41 GMT
x-content-type-options
nosniff
age
3644
status
200
content-disposition
inline;filename="Screen Shot 2019-08-18 at 14.47.36.png"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
293232
x-xss-protection
0
server
fife
etag
"v2"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 25 Sep 2020 15:29:41 GMT
Gucci%20CONFIG%20file%20-%20Credential%20Stuffing.png
blog.securedtouch.com/hs-fs/hubfs/
36 KB
37 KB
Image
General
Full URL
https://blog.securedtouch.com/hs-fs/hubfs/Gucci%20CONFIG%20file%20-%20Credential%20Stuffing.png?width=591&name=Gucci%20CONFIG%20file%20-%20Credential%20Stuffing.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29f006ffe77965896bef47227cad8fea2c292333f64c2e35f402f21bec76945

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-18907577071,P-2758303,FLS-ALL
age
11
cf-polished
origFmt=png, origSize=134553
edge-cache-tag
F-18907577071,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="Gucci%20CONFIG%20file%20-%20Credential%20Stuffing.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
7A8978C3FFADD851
cf-request-id
05628cb61500001f399f170200000001
x-cache
Miss from cloudfront
accept-ranges
bytes
last-modified
Tue, 22 Oct 2019 10:59:07 GMT
server
cloudflare
etag
"b9a2a08950c284578e5b3e9ddcc5f10e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
x-amz-id-2
8ZHYmVHkczsgB3fAmIChIAaQ/LogdX7keK8uk5XCstIvTY8Ted65cDPDIhtwzwa19c7nltU7Jp8=
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
gBQvc27gjy9rRweMNVI9lAtxwq3TZVpI
x-amz-cf-pop
FRA50-C1
content-length
36896
cf-ray
5d7de3d028211f39-FRA
x-amz-cf-id
KQO-ojtNG7loLjVPYpiayBl5u8xH0psPF9Hx5YP0pZOSrcsSDYbGHg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/
44 KB
13 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.0.47/jquery.fancybox.min.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3174fe0090fc1dd5d0e272c46ea90ca96df05d77ef8da190b7f43f8919413525
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
663738
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13149
cf-request-id
05628cb6240000c28b672aa200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
etag
"5eb03e58-b1bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7de3d03bc3c28b-FRA
expires
Tue, 14 Sep 2021 16:30:25 GMT
%5Binfographic%5D%20The%20Fraud%20Flow%20OF%20Account%20Takeover.png
blog.securedtouch.com/hubfs/
133 KB
134 KB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/%5Binfographic%5D%20The%20Fraud%20Flow%20OF%20Account%20Takeover.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294aa5b0a183c54d0b288ff8ff81b90eb4d19525fc207b176805b4a23621f5f1

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
05628cb61500001f399f171200000001
x-amz-meta-cache-tag
F-34666459671,P-2758303,FLS-ALL
age
24165
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34666459671,P-2758303,FLS-ALL
status
200
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="[infographic]%20The%20Fraud%20Flow%20OF%20Account%20Takeover.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
D4AC0D77E740CA31
cf-bgj
imgq:85,h2pri
etag
"044f3656fc6098630c431613f877eb3f"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1599466870053
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=257349
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
content-length
136024
x-amz-id-2
jgT0LF9BoX8XYgdMZoEiJKgFECUoKQoVOZu8N+pE2fB4+Rq7O/cR/MkUGfXEAi0Vwl3bvGi/9Uw=
last-modified
Mon, 07 Sep 2020 08:21:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id
Dxw3Z1wCqfmhScifM0qeBumrWeH1Rgbh
accept-ranges
bytes
cf-ray
5d7de3d028231f39-FRA
x-amz-cf-id
IoaxcknAPWC7yB3wUj5UbF3JmdkHV6zzG8l42phiaVWCvaXXtNT4lg==
Emulator%20Fraud-as-a-Service.png
blog.securedtouch.com/hubfs/
1 MB
1 MB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/Emulator%20Fraud-as-a-Service.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef50a23dbb335d5770f64e27bf370f90d3a2cd4c5b3b27054f37406529d50f7b

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
05628cb61500001f399f172200000001
x-amz-meta-cache-tag
F-34190815883,P-2758303,FLS-ALL
age
24166
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34190815883,P-2758303,FLS-ALL
status
200
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Emulator%20Fraud-as-a-Service.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
BV9V0RBS5X5X7Z3T
cf-bgj
imgq:85,h2pri
etag
"ac1eb61a86ecc818b856aa513e32a766"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1598538349420
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=1751542
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
1050954
x-amz-id-2
/CJ908x29qrT64GJyckJKuTLUGP/z56GVSpybYB8cUwdIQSqRdyP2WFA9ztK5RIU7mjIiwW+W1w=
last-modified
Thu, 27 Aug 2020 14:25:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id
bEijcInLnmmDHH8tzjFn4CD95swZt_j7
accept-ranges
bytes
cf-ray
5d7de3d028251f39-FRA
x-amz-cf-id
03c2ivUXOISk-PxQjYTBueRCApuVnF5aXB1ric50NsroLkSp63VTAA==
reCAPTCHA.png
blog.securedtouch.com/hubfs/
77 KB
78 KB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/reCAPTCHA.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de84df68495b2bbb90d7c9d248b502e733b3d3eaa2ce1b11bf67d6dc78e67c5d

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
05628cb61500001f399f173200000001
x-amz-meta-cache-tag
F-32007513687,P-2758303,FLS-ALL
age
24166
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32007513687,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="reCAPTCHA.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
AA4B9A763B04122F
cf-bgj
imgq:85,h2pri
etag
"fde34a5726c4a01f9536554af8b923e2"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA6-C1
cf-polished
origFmt=png, origSize=139353
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
78718
x-amz-id-2
pUmhANZt7bf5Emhn78bzfdSg1AKvgcpFc5uVZ17Vi+zey45JH3e223S7rR6oapMmBWcqInjrunE=
last-modified
Tue, 07 Jul 2020 12:23:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id
rPeuoyjpgHHgSDCmz1IbNaYPtt93_gNO
accept-ranges
bytes
cf-ray
5d7de3d028261f39-FRA
x-amz-cf-id
FPdT8HwW5fBvoaSNw9jyf3AtJ9VrKvLDw-oDBfqQ47UCqMfnvjafVw==
Untitled%20Design.png
blog.securedtouch.com/hubfs/Canva%20images/
1 MB
1 MB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/Canva%20images/Untitled%20Design.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3109abc61412d742bb9747d132e20dff50d4adfa42600a13e9453cd26c143a83

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
05628cb61500001f399f174200000001
x-amz-meta-cache-tag
F-31467389850,FD-27465854818,P-2758303,FLS-ALL
age
24165
x-amz-server-side-encryption
AES256
edge-cache-tag
F-31467389850,FD-27465854818,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="Untitled%20Design.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
7Z1MBP6S4MCG5J9T
cf-bgj
imgq:85,h2pri
etag
"b358cd47561c83a374d735184e1711d1"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
cf-polished
origFmt=png, origSize=2189103
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
1304878
x-amz-id-2
1aEzXAR7ci7VC/pGedDX1a+G7ikIj8kAReY9l9uJ32qMbpKjhtMRYl291VTSJl92H7UioBSe+hA=
last-modified
Tue, 30 Jun 2020 08:15:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id
0ZFaq7vdeXdmpbpXQaVDYF8QzNFwYjHy
accept-ranges
bytes
cf-ray
5d7de3d028271f39-FRA
x-amz-cf-id
6l6AnGBPNlrgXUcLiCRjTPA-a5xlu_CAF1-UTXx4L1ti06d5pW3uUw==
LTV%20of%20ATO.png
blog.securedtouch.com/hubfs/
74 KB
75 KB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/LTV%20of%20ATO.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1a582a4b1f9ae3755fdee2e8130a1da928087e004a4a6ba47483044d804e95

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-27875984299,P-2758303,FLS-ALL
age
24165
cf-polished
origFmt=png, origSize=150770
edge-cache-tag
F-27875984299,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="LTV%20of%20ATO.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
9C0BE0795CCEEEC5
cf-request-id
05628cb61500001f399f175200000001
x-amz-server-side-encryption
AES256
accept-ranges
bytes
last-modified
Wed, 01 Apr 2020 18:19:16 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"90e8b7f88084ea24459c57ea72239f72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
x-amz-id-2
3+iUZoq8MO791YCSMokofQeJ8ipmSIJelxaFFp914Xad4wUWPajyW6LruLzjt4pmlpHiQDVv804=
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
aUnl7X3E8BeM8xM3rPlLU02ntoctqZJd
x-amz-cf-pop
FRA50-C1
content-length
76250
cf-ray
5d7de3d028291f39-FRA
x-amz-cf-id
flcANPeHP9Juilo-5rOR4P9vl5fEK2UoBl1JGw-2wCXum4D_1-m_oA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
2758303.js
blog.securedtouch.com/hs/scriptloader/
2 KB
772 B
Script
General
Full URL
https://blog.securedtouch.com/hs/scriptloader/2758303.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa096f232e92b3d217707e88d92489ec5199f9ad4dfcc80e030fa025265f4c4

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
11
x-trace
2B438AA6A987FD8702091768F960AF8BB13B7E0056000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=60
access-control-allow-credentials
false
cf-ray
5d7de3d0282b1f39-FRA
cf-request-id
05628cb61500001f399f176200000001
expires
Thu, 24 Sep 2020 16:31:14 GMT
gtm.js
www.googletagmanager.com/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9Q79PV
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c81c60d1365b2d83bd18f5a9d843f607f8e35527a8c849acfb3bdb6f9f79a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29075
x-xss-protection
0
last-modified
Thu, 24 Sep 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Sep 2020 16:30:25 GMT
S6u9w4BMUTPHh50XSwiPHA.ttf
fonts.gstatic.com/s/lato/v16/
54 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPHA.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0faf89b39cb8924a206a6b7cf2cc56d2e03a25788f3b6adb45529650b581d780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603259
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28847
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:38 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Sep 2021 16:56:06 GMT
icomoon.woff2
cdn2.hubspot.net/hubfs/2758303/Secured%20April2017/Fonts/
1 KB
2 KB
Font
General
Full URL
https://cdn2.hubspot.net/hubfs/2758303/Secured%20April2017/Fonts/icomoon.woff2
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9907847887e45125b33ea43ae2ee06b0e2e6b7040b4c65413abe99c0612b9b2

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-5006494464,P-2758303,FLS-ALL
age
24163
edge-cache-tag
F-5006494464,P-2758303,FLS-ALL
status
200
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
9G7R7PAVFW3TCY0W
cf-request-id
05628cb62a00001f3dc311f200000001
x-amz-id-2
ZbcXQseDU0A8l84geytCgwKNU2nSMxZXdVWWP7BkfzOst5m8x+uBGCK9E12ze7WGE0p6LpHvDM8=
accept-ranges
bytes
last-modified
Sat, 07 Oct 2017 16:28:42 GMT
server
cloudflare
etag
"4cd95468df4157a60eefed8c1c14f173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
obXxo0NdRGzd8BNARfmJgbCiHOiQY1EX
x-amz-cf-pop
FRA50-C1
content-length
1308
cf-ray
5d7de3d04c401f3d-FRA
x-amz-cf-id
JM3rFJcL3zhY-eyhhUQ2nTBgirVGucVbkIyXFUSc_YTVjPbWEhbkvw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v16/
58 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 18:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167177
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29795
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:49 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Sep 2021 18:04:08 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v16/
59 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Sep 2020 16:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86606
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30307
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:47 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Sep 2021 16:26:59 GMT
T66Mi6UaQE0
www.youtube.com/embed/ Frame BAA8
0
0
Document
General
Full URL
https://www.youtube.com/embed/T66Mi6UaQE0
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/T66Mi6UaQE0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
content-encoding
br
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
content-length
10998
x-content-type-options
nosniff
date
Thu, 24 Sep 2020 16:30:25 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=KYEFqWhAT1Q; path=/; domain=.youtube.com; secure; expires=Tue, 23-Mar-2021 16:30:25 GMT; httponly; samesite=None YSC=q2oFj6kLPvo; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=KYEFqWhAT1Q; path=/; domain=.youtube.com; secure; expires=Tue, 23-Mar-2021 16:30:25 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 24-Sep-2020 17:00:25 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
image%20%2818%29.png
blog.securedtouch.com/hubfs/
85 KB
86 KB
Image
General
Full URL
https://blog.securedtouch.com/hubfs/image%20%2818%29.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf9854be5077cffe32546157a79e4eabfa0ff67aaeba8c427686d7e7fceb2265

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-18454031068,P-2758303,FLS-ALL
age
10
cf-polished
origFmt=png, origSize=160987
edge-cache-tag
F-18454031068,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="image%20(18).webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
41BB819621F40630
cf-request-id
05628cb65400001f399f179200000001
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
last-modified
Thu, 17 Oct 2019 13:02:41 GMT
server
cloudflare
etag
"b760ed48b940b8bef85ee6615d4f1b1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
x-amz-id-2
WwGCzCzIoeXuh+z1yMN/f4l4qbqxy9eO3KZtTA/9HIy078+2MuqaC5hxvm+8zd/zLpN4bkqYv1A=
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
2vypugkeXhIOWfsrt2eLuiBcOWMl1Mjq
x-amz-cf-pop
FRA6-C1
content-length
87120
cf-ray
5d7de3d089281f39-FRA
x-amz-cf-id
SsyQor7gj75z5rq7z1JMP_O7PeO6ryc-TP7OCRae1JOu9b6X8s-LCQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
LDI2apCSOBg7S-QT7pb0EPOreeI.ttf
fonts.gstatic.com/s/rajdhani/v9/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v9/LDI2apCSOBg7S-QT7pb0EPOreeI.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c00a5040a65ae295390e4a523aa084a0858deb2e00c74cdfdb1728e7179b0509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 11:33:17 GMT
x-content-type-options
nosniff
age
190628
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37424
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 23:56:22 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Sep 2021 11:33:17 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
667870
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
cf-request-id
05628cb66600002bad68bb9200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
etag
"5eb03e5f-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5d7de3d0adc52bad-FRA
expires
Tue, 14 Sep 2021 16:30:25 GMT
S6u8w4BMUTPHjxsAXC-v.ttf
fonts.gstatic.com/s/lato/v16/
60 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u8w4BMUTPHjxsAXC-v.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0031c86655fbbfd005f64922604b2dd644b4b8ecdd3029a2ef20f3a2b43c38b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 02:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223442
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31578
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:45:49 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Sep 2021 02:26:23 GMT
LDI2apCSOBg7S-QT7pa8FvOreeI.ttf
fonts.gstatic.com/s/rajdhani/v9/
39 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v9/LDI2apCSOBg7S-QT7pa8FvOreeI.ttf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7445aedcb4b792eda0144e58b386a2b97555f0e773a2944fdf8eb53bedb5fd7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246245
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19746
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 23:49:21 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Sep 2021 20:06:20 GMT
69072baf-fa99-467e-b1d0-57ecd2a55b9a
blog.securedtouch.com/_hcms/forms/embed/v3/form/2758303/
21 KB
4 KB
Script
General
Full URL
https://blog.securedtouch.com/_hcms/forms/embed/v3/form/2758303/69072baf-fa99-467e-b1d0-57ecd2a55b9a?callback=hs_reqwest_0&hutk=
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55932e89864014b16f49377202f0a0a6a91d78aa9ff097796c8c237412769b3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
x-trace
2B2063082BC5DB3E16B2B7719D51E7531E76F22F4E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
content-disposition
attachment; filename=no-rfd.txt
cf-ray
5d7de3d11a6c1f39-FRA
cf-request-id
05628cb6ae00001f399f17b200000001
d2f18c3d-7542-49e4-a77e-5385851b7670
blog.securedtouch.com/_hcms/forms/embed/v3/form/2758303/
19 KB
4 KB
Script
General
Full URL
https://blog.securedtouch.com/_hcms/forms/embed/v3/form/2758303/d2f18c3d-7542-49e4-a77e-5385851b7670?callback=hs_reqwest_1&hutk=
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496a3eb7e6b235e191b91d0d37c9b7c74cbb0fe0fa42270a49c62aa76f07dbc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
x-trace
2BF034FED02A73DE9F4C2A152A41592F31678142ED000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
content-disposition
attachment; filename=no-rfd.txt
cf-ray
5d7de3d11a701f39-FRA
cf-request-id
05628cb6ae00001f399f17c200000001
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd55bf5946faa410637532589b34cfd2cd0c87bea1720d23977b1a29ef6c04a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
f+BdAj3Y6amPegrDGN/pwg==
status
200
cross-origin-resource-policy
cross-origin
expires
Thu, 24 Sep 2020 16:36:44 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1778
etag
"0e82e5d243090ee1231bb5332e04c7b8"
x-fb-debug
b/1O6ASO+ZkqkExtdgj+PSczSCaSfXCMfEp1t2B5Lwoep99L5RFSoHCpCmbMBpVlpc/GuSqnipHEDXBsfx5WaQ==
x-fb-trip-id
664085054
x-fb-content-md5
649b1ec4043107b480bc28fa07147436
date
Thu, 24 Sep 2020 16:30:25 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:30:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 20:40:54 GMT
Server
ECS (pab/6FA9)
Age
570
Etag
"a58136137a93f33c1d165df7d4d973f8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28881
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
426 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2758303&callback=jsonpHandler
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B535F9E263696E6B4F31CD1E363761BAEF9ACBCB0000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
status
204
cache-control
max-age=0
access-control-allow-credentials
false
cf-ray
5d7de3d149350eb3-FRA
cf-request-id
05628cb6cb00000eb3eea97200000001
conversion_async.js
www.googleadservices.com/pagead/
29 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q79PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
server
cafe
etag
12833363978352728442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Sep 2020 16:30:25 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
965 B
761 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:30:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=11306
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
fbevents.js
connect.facebook.net/en_US/
135 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34302
x-xss-protection
0
pragma
public
x-fb-debug
DJzsUrNY/AolM3nvDN/z5CBkC29MCtaR0gajz3HAODyRn6wlaWBsDZV4WWKzBlGqVghxDRVLh0vYe89AHkwI1g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 24 Sep 2020 16:30:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs/scriptloader/2758303.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a8f002a9a8717596c63bc67fb90e34fe2273d480e8a5e59fa807e7f74d615a

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 c974a69619205281e0e6b8e73f95e4b5.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
cf-request-id
05628cb6fc0000177af8b5b200000001
last-modified
Tue, 08 Sep 2020 03:54:36 UTC
server
cloudflare
etag
W/"5ece4efe27d3c9e898d737f56f5dfbb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
AGrJk1b8OS4VYnkrFU7ROm2e0Nb6MfLl
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
5d7de3d19af0177a-FRA
x-amz-cf-id
lOnM9N_qepeF7Fv8QnTJnxn7QJWM2N13GsWC35W4pidFGWwbiBDxbA==
leadflows.js
js.hsleadflows.net/
411 KB
68 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs/scriptloader/2758303.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0df7e73cbc0768c0bedff98c883e3d5d1423e9805646c094670e9366a129d14

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 cef2b4d24f9bca7ece48f6be33efd62c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
24163
x-amz-server-side-encryption
AES256
cf-ray
5d7de3d19f5a2b41-FRA
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
05628cb6fc00002b41a69bd200000001
last-modified
Thu, 03 Sep 2020 09:11:52 UTC
server
cloudflare
etag
W/"d6d87f6b69c9c3436cb524ac7790e207"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
P1C37XS8PnAD4aj9b8nHaKJeVCmooB.3
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD66-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
-Cxz8M8k_0iSosBujBRuJb_CqCRPUgaGmVfWzTpFgckXhkf-gY_-1Q==
2758303.js
js.hs-analytics.net/analytics/1600965000000/
60 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1600965000000/2758303.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs/scriptloader/2758303.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a60fe2b2d40278e42e6bf4479df9e99a4cc4f2dfe32bdf69f1d4b773b3a067

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
cf-cache-status
HIT
age
10
x-amz-server-side-encryption
AES256
status
200
x-amz-request-id
BB053D355BCE94AB
x-amz-id-2
5nbAe7JGdyA+7a0ULM/KBIjfC2MV21rdp4IyzTJ0dYmd1ZpsYoUkNsiFEJ0FB328qTjpMEAo1Ww=
last-modified
Tue, 25 Aug 2020 16:20:34 GMT
server
cloudflare
etag
W/"1206b86c40eb40a472fe39c09abe650b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
05628cb6f90000d7090235f200000001
cf-ray
5d7de3d18e54d709-FRA
expires
Thu, 24 Sep 2020 16:35:14 GMT
2758303.js
js.hs-banner.com/
46 KB
12 KB
Script
General
Full URL
https://js.hs-banner.com/2758303.js
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs/scriptloader/2758303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1d48ebac8418d3066d8f97ffdd6481ab5e7e075c6c138e243e0f4cf8bc80f0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=jUIgcA==, md5=3lY1VdXyrsp7+p4BG18ADA==
date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
br
cf-cache-status
HIT
age
11
x-guploader-uploadid
ABg5-UyycVPt4o_av7u1I6YnHJ8IL7bYW9JbRctfXLOtGSD8jCWa18Dp9PGMPIh0tZjC0_gYFFfTYm4Aa9hOB_088D6BIWSHrQ
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
05628cb6fb000097a87c371200000001
timing-allow-origin
*
last-modified
Wed, 09 Sep 2020 14:58:12 GMT
server
cloudflare
etag
W/"de563555d5f2aeca7bfa9e011b5f000c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1599663492561884
access-control-allow-origin
https://www.securedtouch.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
47284
cf-ray
5d7de3d1986c97a8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 24 Sep 2020 16:35:14 GMT
all.js
connect.facebook.net/en_US/
194 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=665b5638afb902a1dd8fec83cb7b5320&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14f708d15bf0108c4ee0d325f3b8a865456493e72175b660bcfdf03e9f3f22f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://blog.securedtouch.com
Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
UBF2TbW6/rmupBeUSC4bbQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59857
etag
"1f2ec6881b738be7cf71922e9c42f5a9"
x-fb-debug
Gqj1gwQuOtUM/XZNbxFltesfz3+xVsrMg2Rynul4zWP1fLCmO0HUqWxmIK+3oikRDyFoDTz27sTMFy8o0CkG9w==
x-fb-trip-id
664085054
x-fb-content-md5
21c35c92817288ea0210e8f60f3e4c0d
x-frame-options
DENY
date
Thu, 24 Sep 2020 16:30:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 24 Sep 2021 15:05:28 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:30:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=19897
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
2279523112282083
connect.facebook.net/signals/config/
524 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2279523112282083?v=2.9.24&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f23675b96701ae34edd1292c95ffd12da3e573095823c3a5f56a43b19dac71d9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134814
x-xss-protection
0
pragma
public
x-fb-debug
1mZphOOoWqoNlPKuLa06Qd7M+55e7IngfFKy/AdNDlMCPms+RMxee1FmZldxN8+HZ9mMT/ucel4eNco5QmmILQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 24 Sep 2020 16:30:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120330%26time%3D1600965025564%26url%3Dhttps%253A%252F%252Fblog.securedtouch.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&liSync=true
0
64 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&liSync=true
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:26 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
wCOldzXFNxYw5mlskisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
MFKZbzXFNxagipKPvCoAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 94646A82DBE24FA5A55F366F6AE56B7A Ref B: FRAEDGE1511 Ref C: 2020-09-24T16:30:25Z
x-frame-options
sameorigin
date
Thu, 24 Sep 2020 16:30:25 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120330&time=1600965025564&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 8542
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fblog.securedtouch.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F8A) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
757809
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Sep 2020 16:30:25 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 01 Sep 2020 17:58:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F8A)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
button.e24f3bcdec527b80b9c80e88b62047c3.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.e24f3bcdec527b80b9c80e88b62047c3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash
da3e524928bcca821af2551eb6f9e9ae2449ceb48642cce4f2dae23383098537

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:30:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Sep 2020 17:58:08 GMT
Server
ECS (pab/6FA9)
Age
757808
Etag
"2288bbd5e30b6dba457d3d615de9e136+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2295
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2279523112282083&ev=PageView&dl=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&rl=&if=false&ts=1600965025756&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600965025755.1934897522&it=1600965025556&coo=false&rqm=GET
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 24 Sep 2020 16:30:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/839074925/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/839074925/?random=1600965025761&cv=9&fst=1600965025761&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&tiba=Breaking%20Down%20Fraud%20Flows%3A%20Credential%20Stuffing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa7298d43be97fe8c9f7654ec6bc40efcbb076ec0272f2284983461c6fc0507b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btn_arrow.png
cdn2.hubspot.net/hubfs/2758303/Secured%20April2017/Images/
96 B
1 KB
Image
General
Full URL
https://cdn2.hubspot.net/hubfs/2758303/Secured%20April2017/Images/btn_arrow.png
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e72389c735102d81ac86f811d823f51e0f2cd711b62ddf3a100a5280f4166b5

Request headers

Referer
https://blog.securedtouch.com/hs-fs/hub/2758303/hub_generated/template_assets/1598311959808/combined-css-190d630d1ff443fa7eef7301cab09b15.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:25 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-5006784504,P-2758303,FLS-ALL
age
24163
cf-polished
origFmt=png, origSize=161
edge-cache-tag
F-5006784504,P-2758303,FLS-ALL
status
200
content-disposition
inline; filename="btn_arrow.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
0A5A047E1F3C0424
cf-request-id
05628cb8090000c2d11292e200000001
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
last-modified
Sat, 07 Oct 2017 16:28:43 GMT
server
cloudflare
etag
"21cba079adc3f720427087476213c02a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
x-amz-id-2
eR19lpIoInNlyfT0UtaUzu1kzy/MswC4oqeRR7bS72t3SEXXyXCje+q+yUuTidpuypb8yglXYAE=
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
wkkQ2iGQqOuMY8_b2BQO9qeDBrElgxcN
x-amz-cf-pop
FRA50-C1
content-length
96
cf-ray
5d7de3d34e01c2d1-FRA
x-amz-cf-id
hzoDeDzXI-qskbSddrBtd0Eg79Rq4VWhf6IDjspvqfgs4Ujl2L3Jfg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
platform.twitter.com/widgets/ Frame 269C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FA9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
757808
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 24 Sep 2020 16:30:25 GMT
Etag
"287ee8422006a852a093d257a3e63161+gzip"
Last-Modified
Tue, 01 Sep 2020 17:58:14 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6FA9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12279
/
www.google.com/pagead/1p-user-list/839074925/
42 B
107 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/839074925/?random=1600965025761&cv=9&fst=1600963200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&tiba=Breaking%20Down%20Fraud%20Flows%3A%20Credential%20Stuffing&async=1&fmt=3&is_vtc=1&random=142796676&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 16:30:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/839074925/
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/839074925/?random=1600965025761&cv=9&fst=1600963200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&tiba=Breaking%20Down%20Fraud%20Flows%3A%20Credential%20Stuffing&async=1&fmt=3&is_vtc=1&random=142796676&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Sep 2020 16:30:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jot
syndication.twitter.com/i/
43 B
383 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1600965025983%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22219d021%3A1598982042171%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
128
pragma
no-cache
last-modified
Thu, 24 Sep 2020 16:30:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
7fd3b847b309d321646b0eea68daf50a
x-transaction
00e62c7e00e9d874
expires
Tue, 31 Mar 1981 05:00:00 GMT
__ptq.gif
track.hubspot.com/
45 B
129 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=2758303&pi=18417995736&ct=blog-post&ccu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&cpi=18417995736&cgi=5008986045&lpi=18417995736&lvi=18417995736&lvc=en-us&pu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&t=Breaking+Down+Fraud+Flows%3A+Credential+Stuffing&cts=1600965026168&vi=f5ccce27c50164cf0e53824c15d3b5ca&nc=true&ce=false&pt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5d7de3d5ac450eb3-FRA
date
Thu, 24 Sep 2020 16:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05628cb98500000eb3eeacd200000001
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
351 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=d2f18c3d-7542-49e4-a77e-5385851b7670&fci=195bdcf0-9c00-4d77-b01d-eca5dbfa8b88&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=2758303&pi=18417995736&ct=blog-post&ccu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&cpi=18417995736&cgi=5008986045&lpi=18417995736&lvi=18417995736&lvc=en-us&pu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&t=Breaking+Down+Fraud+Flows%3A+Credential+Stuffing&cts=1600965026173&vi=f5ccce27c50164cf0e53824c15d3b5ca&nc=true&ce=false&pt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5d7de3d5ac460eb3-FRA
date
Thu, 24 Sep 2020 16:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05628cb98500000eb3eeace200000001
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
129 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=69072baf-fa99-467e-b1d0-57ecd2a55b9a&fci=6fee8c09-0b8f-415d-8396-90f2a1c7a311&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=2758303&pi=18417995736&ct=blog-post&ccu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&cpi=18417995736&cgi=5008986045&lpi=18417995736&lvi=18417995736&lvc=en-us&pu=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&t=Breaking+Down+Fraud+Flows%3A+Credential+Stuffing&cts=1600965026176&vi=f5ccce27c50164cf0e53824c15d3b5ca&nc=true&ce=false&pt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5d7de3d5ac440eb3-FRA
date
Thu, 24 Sep 2020 16:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
05628cb98500000eb3eeacc200000001
x-robots-tag
none
like.php
www.facebook.com/plugins/ Frame 3686
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f462778adda%26domain%3Dblog.securedtouch.com%26origin%3Dhttps%253A%252F%252Fblog.securedtouch.com%252Ff1f3c63f7179504%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=665b5638afb902a1dd8fec83cb7b5320&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28f462778adda%26domain%3Dblog.securedtouch.com%26origin%3Dhttps%253A%252F%252Fblog.securedtouch.com%252Ff1f3c63f7179504%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0pAdwOLdKqqdtTEDl..BfbMmh...1.0.BfbMmh.

Response headers

status
200
vary
Accept-Encoding
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
timing-allow-origin
*
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
J5K23shHrryDFqavX6DJeDynbVOf1AA+NmVlUF8UXGCIuajA2H/lRxRDT/92mrIHyFxMUn3u/ptZxgioDc9tiw==
date
Thu, 24 Sep 2020 16:30:26 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2279523112282083&ev=Microdata&dl=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing&rl=&if=false&ts=1600965026259&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Breaking%20Down%20Fraud%20Flows%3A%20Credential%20Stuffing%22%2C%22meta%3Adescription%22%3A%22Credential%20stuffing%20attacks%20are%20the%20first%20step%20in%20Account%20Takeovers%20(ATOs).%20These%20attacks%20are%20on%20the%20rise%20and%20cost%20eCommerce%20companies%20%246%20billion%20annually.%20How%20does%20credential%20stuffing%20work%20and%20what%20tools%20do%20fraudsters%20use%3F%20Read%20on.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Credential%20stuffing%20attacks%20are%20the%20first%20step%20in%20Account%20Takeovers%20(ATOs).%20These%20attacks%20are%20on%20the%20rise%20and%20cost%20eCommerce%20companies%20%246%20billion%20annually.%20How%20does%20credential%20stuffing%20work%20and%20what%20tools%20do%20fraudsters%20use%3F%20Read%20on.%22%2C%22og%3Atitle%22%3A%22Breaking%20Down%20Fraud%20Flows%3A%20Credential%20Stuffing%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fblog.securedtouch.com%2Fhubfs%2Fimage%2520%252818%2529.png%23keepProtocol%22%2C%22og%3Aimage%3Aalt%22%3A%22image%20(18)%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1600965025755.1934897522&it=1600965025556&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 24 Sep 2020 16:30:26 GMT
perf
blog.securedtouch.com/_hcms/
2 B
202 B
XHR
General
Full URL
https://blog.securedtouch.com/_hcms/perf
Requested by
Host: blog.securedtouch.com
URL: https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:88b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

cf-ray
5d7de3e83f421f39-FRA
date
Thu, 24 Sep 2020 16:30:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B4C06D1236F03CC69C44434189CC14F2049292164000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
false
x-robots-tag
none
content-length
2
cf-request-id
05628cc52500001f399f2c8200000001
json
forms.hubspot.com/lead-flows-config/v1/config/
167 B
801 B
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2758303&contentId=18417995736&currentUrl=https%3A%2F%2Fblog.securedtouch.com%2Fbreaking-down-fraud-flows-credential-stuffing
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5abbecdabfbb90a3d2e2f950d357fff3acd82b5d1421d53d6184170cf0b4298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.securedtouch.com/breaking-down-fraud-flows-credential-stuffing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:30:35 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
05628cded300000629812b1200000001
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.securedtouch.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
5d7de4115db20629-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| hsjQuery object| _hsp object| dataLayer object| __core-js_shared__ object| Sslac object| IN object| google_tag_manager function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter function| hmerge undefined| ReactDOM undefined| require undefined| requirejs undefined| module undefined| bootstrap object| options object| HSFR object| _hsq function| hs_reqwest_0 function| hs_reqwest_1 object| hsVars function| jsonpHandler object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq object| jQuery17103367758299381818 object| FB boolean| PIXELS_RAN function| lintrk boolean| _already_called_lintrk boolean| _hspb_loaded object| __twttrll object| twttr object| __twttr object| _paq boolean| _hstc_loaded function| defineProperties object| leadflows boolean| popupPoliceActive function| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

6 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: q2oFj6kLPvo
.blog.securedtouch.com/ Name: __cfduid
Value: d93bc318909e48612cbb786a367a23a191600965025
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KYEFqWhAT1Q
.securedtouch.com/ Name: _fbp
Value: fb.1.1600965025755.1934897522
.blog.securedtouch.com/ Name: __cfruid
Value: 0642cb9b5d61d4024bc521ebe065a80618c7aa74-1600965025
.securedtouch.com/ Name: _gcl_au
Value: 1.1.922478532.1600965025

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
