blog.fraudfighter.com Open in urlscan Pro
2606:2c40::c73c:6702 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fraudfightermail.net/?cid=30026110&sid=1386007&lid=4053889&o=0
Effective URL:
https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Submission Tags: falconsandbox
Submission: On December 28 via api (December 28th 2021, 11:48:27 pm UTC) from US — Scanned from CA

Summary HTTP 124 Redirects Links 82 Behaviour Indicators

Summary

This website contacted 39 IPs in 2 countries across 31 domains to perform 124 HTTP transactions. The main IP is 2606:2c40::c73c:6702, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is blog.fraudfighter.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time blog.fraudfighter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	148.59.128.71 148.59.128.71	33561 (LUNAVI-WY) (LUNAVI-WY)
1	148.59.128.120 148.59.128.120	33561 (LUNAVI-WY) (LUNAVI-WY)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
32	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
2	40.78.102.238 40.78.102.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:21f... 2606:2800:21f:edfc:49f9:c096:a5a7:75f2	15133 (EDGECAST) (EDGECAST)
2 10	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
3	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.0.65 151.101.0.65	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:ba72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	52.6.52.44 52.6.52.44	14618 (AMAZON-AES) (AMAZON-AES)
10	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1 2	68.67.181.202 68.67.181.202	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.23.190.53 52.23.190.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9c	15169 (GOOGLE) (GOOGLE)
124	39

3 148.59.128.71 (Canada) 1 redirects

ASN33561 (LUNAVI-WY, US)
PTR: smtp71.dunhillmarketingmailer.com

www.fraudfightermail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.59.128.120 (Canada)

ASN33561 (LUNAVI-WY, US)

software.clickback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:2c40::c73c:6702 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

blog.fraudfighter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.78.102.238 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.hall3hook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:21f:edfc:49f9:c096:a5a7:75f2 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9a53 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.65 (United States)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api-na1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ba72 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent20.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.6.52.44 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-52-44.compute-1.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:807::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.202 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.190.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-190-53.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9c (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	fraudfighter.com blog.fraudfighter.com	691 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	629 KB
11	hubspot.com 2 redirects app.hubspot.com no-cache.hubspot.com cta-service-cms2.hubspot.com track.hubspot.com forms.hubspot.com	26 KB
10	google.com www.google.com	69 KB
9	prfct.co 6 redirects pixel-geo.prfct.co	4 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	5 KB
4	google.ca www.google.ca	783 B
4	hsforms.com perf.hsforms.com	2 KB
4	twitter.com platform.twitter.com syndication.twitter.com analytics.twitter.com	133 KB
3	googleadservices.com www.googleadservices.com	46 KB
3	wistia.com fast.wistia.com pipedream.wistia.com	114 KB
3	googletagmanager.com www.googletagmanager.com	117 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	36 KB
3	fraudfightermail.net 1 redirects www.fraudfightermail.net	3 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects us-u.openx.net	384 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	575 B
2	hubapi.com api-na1.hubapi.com api.hubapi.com	2 KB
2	facebook.net connect.facebook.net	83 KB
2	hall3hook.com secure.hall3hook.com	5 KB
1	rubiconproject.com pixel.rubiconproject.com	767 B
1	hubspotusercontent20.net f.hubspotusercontent20.net	16 KB
1	marinsm.com tag.marinsm.com	4 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hubspot.net avatars.hubspot.net	1 KB
1	linkedin.com platform.linkedin.com	61 KB
1	clickback.com software.clickback.com	1 KB
124	31

	Domain	Requested by
32	blog.fraudfighter.com	www.fraudfightermail.net blog.fraudfighter.com
10	www.google.com	blog.fraudfighter.com www.gstatic.com www.google.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	pixel-geo.prfct.co	6 redirects blog.fraudfighter.com
4	track.hubspot.com
4	www.google.ca	blog.fraudfighter.com
4	perf.hsforms.com	blog.fraudfighter.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	blog.fraudfighter.com www.googletagmanager.com
3	app.hubspot.com	2 redirects blog.fraudfighter.com
3	www.googletagmanager.com	blog.fraudfighter.com js.hsadspixel.net www.googletagmanager.com
3	www.fraudfightermail.net	1 redirects ajax.googleapis.com
2	www.google-analytics.com	blog.fraudfighter.com www.google-analytics.com
2	secure.adnxs.com	1 redirects blog.fraudfighter.com
2	us-u.openx.net	1 redirects blog.fraudfighter.com
2	ups.analytics.yahoo.com	1 redirects blog.fraudfighter.com
2	platform.twitter.com	blog.fraudfighter.com platform.twitter.com
2	connect.facebook.net	blog.fraudfighter.com connect.facebook.net
2	fast.wistia.com	blog.fraudfighter.com fast.wistia.com
2	no-cache.hubspot.com	blog.fraudfighter.com
2	secure.hall3hook.com	blog.fraudfighter.com secure.hall3hook.com
2	fonts.googleapis.com	blog.fraudfighter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	forms.hubspot.com	js.hsleadflows.net
1	pipedream.wistia.com	fast.wistia.com
1	api.hubapi.com	js.hsadspixel.net
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	blog.fraudfighter.com
1	analytics.twitter.com	blog.fraudfighter.com
1	syndication.twitter.com	platform.twitter.com
1	f.hubspotusercontent20.net	blog.fraudfighter.com
1	api-na1.hubapi.com	blog.fraudfighter.com
1	cta-service-cms2.hubspot.com	blog.fraudfighter.com
1	tag.marinsm.com	blog.fraudfighter.com
1	js.hsleadflows.net	blog.fraudfighter.com
1	js.hs-banner.com	blog.fraudfighter.com
1	js.hsadspixel.net	blog.fraudfighter.com
1	js.hs-analytics.net	blog.fraudfighter.com
1	avatars.hubspot.net	blog.fraudfighter.com
1	platform.linkedin.com	blog.fraudfighter.com
1	ajax.googleapis.com	www.fraudfightermail.net
1	software.clickback.com	www.fraudfightermail.net
124	43

This site contains links to these domains. Also see Links.

Domain
www.fraudfighter.com
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.fraudfightermail.net R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
software.clickback.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-17` - `2022-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
blog.fraudfighter.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-19`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tag.marinsm.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-07` - `2022-01-05`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Frame ID: A799514C970A30C0FDC96780A51EE176
Requests: 104 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fblog.fraudfighter.com
Frame ID: 7E92A329A8B1D173F0241912FFAA17B3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ibG9nLmZyYXVkZmlnaHRlci5jb206NDQz&hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=9n953v5cdue4
Frame ID: C81AA2DE4FEFDC98FC6BA67B8EF2A41B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: BAF4C71D5AED5049A055310DFA3C29EF
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

When do we return to the bad-old-days of normal fraud?Follow us on FacebookFollow us on TwitterFollow us on LinkedIn

Page URL History Show full URLs

https://www.fraudfightermail.net/?cid=30026110&sid=1386007&lid=4053889&o=0 HTTP 302
https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0 Page URL
https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110 Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

92 %
HTTPS

65 %
IPv6

31
Domains

43
Subdomains

39
IPs

2
Countries

2193 kB
Transfer

5581 kB
Size

28
Cookies

82 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fraudfighter.com/

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products
Title: Products

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/counterfeit-detectors
Title: Counterfeit Money Detection

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/counterfeit-detectors#automatic
Title: Automated Detection

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/ct250
Title: CT-250

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/ct600
Title: CT-600

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/counterfeit-detectors#manual
Title: Ultraviolet (UV) Detection

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/uv16
Title: UV-16

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/uled-2000
Title: NEW! UV-LED Tabletop Lamp ULED2000

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/uv16p
Title: UV-16P

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/pos15
Title: POS-15

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/penlight
Title: UV Pro Penlight

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/hh4
Title: HH-4

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/uv4
Title: UV-4

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/britestik
Title: Brite Stick

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/replacement-bulbs
Title: Bulbs

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/money-counters
Title: Currency Counters and Storage

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/money-counters#countbyweight
Title: Count-by-Weight Scales

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/counteasy
Title: CountEasy

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/counteasy-ts
Title: CountEasy TS

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/money-counters#hispeedcounters
Title: Hi-Speed Counters

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/ff3000
Title: FF-3000

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/money-counters#cashdropbox
Title: Smart Cash Drop-Box

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/countercache
Title: CounterCache Intelligent

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/identity-authentication
Title: Identity Authentication

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/identity-authentication#autoid
Title: PALIDIN Automated Authentication

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/palidin-identity-authentication
Title: WHAT IS PALIDIN?

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/id150
Title: ID-150

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/at10k
Title: AT10K

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/penta_1
Title: Penta Scanner

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/identity-authentication#manualid
Title: Ultraviolet (UV) Authentication

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/product/driver-license-guide
Title: UV DL Guide

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/products/by-item
Title: All Products (Alphabetical)

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry
Title: Industries

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/automotive
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/entertainment
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/financial
Title: Financial

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/government
Title: Government

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/healthcare
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/hospitality
Title: Hospitality

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/industry/retail
Title: Retail

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance-management
Title: Compliance Management

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/bank-secrecy-act
Title: Bank Secrecy Act

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/cmea-combat-methamphetamine-epidemic-act
Title: CMEA

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/customer-identification-program
Title: CIP

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/facta-red-flag-rules
Title: FACTA - Red Flag Rules

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/ftc-privacy-act
Title: FTC Privacy

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/glba-gramm-leach-bliley-act
Title: GLBA

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/hipaa
Title: HIPAA

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/i-9-employee-verification
Title: I-9 (Employee Verification)

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/pci-payment-card-industry
Title: PCI

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/compliance/title-31-casino-compliance
Title: Title 31

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education
Title: What You Need to Know About Fraud

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/types-of-fraud/counterfeit-money
Title: Counterfeit Money

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/types-of-fraud/stolen-fraudulent-credit-cards
Title: Credit Cards Fraud

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/types-of-fraud/fake-ids
Title: Fake IDs

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/types-of-fraud/identity-theft
Title: Identity Theft

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/types-of-fraud/orc-organized-retail-crime
Title: Organized Retail Crime (ORC)

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/education/case-studies
Title: Whitepapers & Case Studies

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/support/webinars-powerpoints
Title: Demos & Webinars

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/benchmark-survey
Title: Benchmark Survey

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/support
Title: Support

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/support/replacement-parts
Title: Replacement Parts

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/support/returns-warranty-policy
Title: Returns & Warranty Policy

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/support/software-update-downloads
Title: Software Downloads

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/resources/user-guides
Title: User Guides

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/why-fraudfighter
Title: Why FraudFighter

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/what-we-do
Title: What We Do

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/counterfeit-detection
Title: Counterfeit Detection

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/identity-authentication
Title: Identity Authentication

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/message-from-ceo
Title: Message from CEO

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/partner
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=I+found+this+interesting+blog+post&url=https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/palidin-for-financial-institutions-multi-channel-id-authentication
Title: Check out how Fraudfighter is working on document-free authentication to enable FrictionFree transactions

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/contact-2
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.fraudfighter.com/sitemap.xml
Title: Sitemap

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fraudfightermail.net/?cid=30026110&sid=1386007&lid=4053889&o=0 HTTP 302
https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0 Page URL
https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.fraudfightermail.net/?cid=30026110&sid=1386007&lid=4053889&o=0 HTTP 302
https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0

Request Chain 24

https://app.hubspot.com/settings/avatar/241f08e6d94402150d9c586c84a5dc05 HTTP 302
https://app.hubspot.com/userpreferences/v1/avatar/241f08e6d94402150d9c586c84a5dc05 HTTP 307
https://avatars.hubspot.net/default-80

Request Chain 67

https://pixel-geo.prfct.co/tagjs?a_id=55519&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=55519&source=js_tag

Request Chain 77

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_NgTofLDTBPNADhD8w

Request Chain 78

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1&verify=true

Request Chain 79

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_NgTofLDTBPNADhD8w HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_NgTofLDTBPNADhD8w

Request Chain 80

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_NgTofLDTBPNADhD8w

Request Chain 81

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfTmdUb2ZMRFRCUE5BRGhEOHc HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 83

https://secure.adnxs.com/seg?t=2&add=4362616 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4362616

124 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

clickTracker.aspx Show response
www.fraudfightermail.net/external_pages/
Redirect Chain

https://www.fraudfightermail.net/?cid=30026110&sid=1386007&lid=4053889&o=0
https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0

7 KB
3 KB

325ms
325ms

Document
text/html

148.59.128.71
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.59.128.71 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS: smtp71.dunhillmarketingmailer.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7190acb07092f880526b33b21717f8516019973e6bb1d615c1e026f1c5a4a7e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: Authorization
date: Tue, 28 Dec 2021 23:48:18 GMT
content-length: 2679

Redirect headers

cache-control: private
content-type: text/html
location: /external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: Authorization
date: Tue, 28 Dec 2021 23:48:18 GMT
content-length: 207

GET
H2 200 CookieWriteJS.js Show response
software.clickback.com/Cookie/ 2 KB
1 KB 262ms
82ms Script
application/x-javascript 148.59.128.120
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://software.clickback.com/Cookie/CookieWriteJS.js
Requested by: Host: www.fraudfightermail.net
URL: https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.59.128.120 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f78b58df5ef0e99f170c595a2356eca920adba3a904963d4b1642be7aa3c9cca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudfightermail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:19 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 19:25:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a5393165b0a5d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization
content-length: 861

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 73ms
22ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.fraudfightermail.net
URL: https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudfightermail.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 06:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Dec 2022 06:45:37 GMT

POST
H2 200 UpdateGRT
www.fraudfightermail.net/external_pages/clicker.aspx/ 10 B
133 B 59ms
59ms XHR
application/json 148.59.128.71
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fraudfightermail.net/external_pages/clicker.aspx/UpdateGRT
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.59.128.71 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS: smtp71.dunhillmarketingmailer.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 28 Dec 2021 23:48:19 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Authorization
content-length: 30

GET
H2 200 Primary Request when-do-we-return-to-the-bad-old-days-of-normal-fraud Show response
blog.fraudfighter.com/ 82 KB
19 KB 949ms
853ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Requested by

Host: www.fraudfightermail.net
URL: https://www.fraudfightermail.net/external_pages/clickTracker.aspx?cid=30026110&sid=1386007&lid=4053889&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

210492ea6311d6d2000507d5a4d4847c45033aa269e2fe7fae4e9cbd21502ccf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudfightermail.net/

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-type: text/html;charset=utf-8
cf-ray: 6c4eadca3bb57144-YUL
cache-control: s-maxage=7200,max-age=5
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
link: </hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>; rel=preload; as=script, </hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-3321049907,CT-3869541826,CT-42654121989,CG-442513759,P-76574,W-14548597792,CW-48287578886,CW-48288020863,CW-48291530378,E-2051074399,E-464698846,E-48289297274,E-48289584914,E-48289584925,E-48290784852,E-48290785183,E-48291530392,E-48291557794,E-48292160306,MENU-14548597792,MENU-46478617859,RA-48290490275,PGS-ALL,SW-2,GC-48289070637,GC-48291598390
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id: 21be9266-6515-41cb-ae9f-5453a76462f6
x-hs-content-id: 42654121989
x-hs-hub-id: 76574
x-hubspot-correlation-id: 3351560f-6630-47e4-812d-63b99ba41014
x-powered-by: HubSpot
x-trace: 2BA3EE398CD3C34351FB6432700B0C30E14D83406E000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMxQWiKSSqWquHvL5ayGgCO3VtTMFI%2B8O27XpWyDe5d9t965nArrpEVO2EWtESOsGGYlPZfgf3HApREQhmYFTR6%2F756Un6tkQxwiB630KIq7PjhfGUIqJOSqiIinM%2FUaNl5l7m4w8%2BZhLiutObaYExm6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
cf-h2-pushed: </hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>,</hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</_hcms/forms/v2.js>

GET
H2 200 comment_listing_asset.js Show response
blog.fraudfighter.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 8 KB
3 KB 19ms
0ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 d2f1890663687b5701416428f5cbb655.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 974675
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadcf79fb7144-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 17 Dec 2021 15:26:09 GMT
server: cloudflare
etag: W/"2455723721db341ff86a4f64384a9c0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPRY6eHPUHqzze%2F2EnpgdFuDowSiVZruJT1e3EXuc3SNoBX4VpxWV%2BSRB5cfs66n7V%2BWUe%2FiMNQGPO%2B70u74CQ6Q9yKG1jZqGxSrxrhIsA68BWXfoqgoBvSkwzSwyIVnl1ZnTW55jhk5MWp2Dg5sOddo4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4D3b_.jtdSCbU1XTktruWk73HT0wxWk7
cache-control: public, max-age=31536000
x-amz-cf-pop: YTO50-C3
content-type: application/javascript
x-amz-cf-id: A95aAA5OS7c_uvEaJVoKvLJMBo46vQq4JRTxCKb7YRCV0U8KJB-F0w==
expires: Wed, 28 Dec 2022 23:48:21 GMT

GET
H2 200 index.js Show response
blog.fraudfighter.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/ 11 KB
4 KB 13ms
0ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 90b7b9dc3aa8817f0cef3cfd45fb8917.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3657062
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadcf79fe7144-YUL
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 15 Nov 2021 14:59:45 GMT
server: cloudflare
etag: W/"e87d0efee17e652760ab5ccd33fbc8ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcIluXLgEm5V8581d5UVIENRjj58fHa6Xjl%2FVDQ95vxDDnZsBW6R2UQeORGoWCTsiCI2bVucPCFWYggVF2FRXWUMKBgfQkqr1qQ%2BUVTa3u%2F6zjWWO4xb4ZI5LFEnZnv1LhAOuQWVdJGeVoMBUK5GIl%2FKuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: vdFz9Y2Y_lpsefQtRnWK89fgZF54ag5p
cache-control: public, max-age=31536000
x-amz-cf-pop: YUL62-C2
content-type: application/javascript
x-amz-cf-id: -CqyxlXkYwObrPEB-62aA4FxAAEBIWNdn26M-4xBDT9OD8S-t-CETw==
expires: Wed, 28 Dec 2022 23:48:21 GMT

GET
H2 200 project.js Show response
blog.fraudfighter.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 8ms
0ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 039b6acf310ef8fb314d9bef263bf88a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4257709
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadcf79ff7144-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ydh3siV4BaBYMIqILhXR8Gj8QxBuoWNhrv3vU25rSwXZFmt0JnzOqcC6yR%2BiOdhkdNK4Y7vP6R0EjO4hxB1x54bdiY5V%2Bxv2U54n8aBhAe9CzdN8pMGqCdpGl2x0%2FqQyZd2l15s4Dzj1v2546amN%2BpemA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control: public, max-age=31536000
x-amz-cf-pop: YTO50-C3
content-type: application/javascript
x-amz-cf-id: L5iE3kjDJFpsME8nlR9rXLbBzDFauKmjDJZbEDO34qds18WPg0Lwag==
expires: Wed, 28 Dec 2022 23:48:21 GMT

GET
H2 200 v2.js Show response
blog.fraudfighter.com/_hcms/forms/ 565 KB
144 KB 13ms
0ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de48ca333e7ed7ea263055100dad7bb8ced7fe44d59831ccd49fe8b7155d0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56059.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 503
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadcf7a007144-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 17 Dec 2021 10:24:31 UTC
server: cloudflare
etag: W/"4a09092143104bbd73d83353e3de8f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV12KEha7Gqua8fGkn7m%2ByyT%2B37EMcnzD%2F72v1zmnE7XlUq4zEW5lCNfteHbOgR7B5LrhxnYEBb%2B2U7udTiY9jci1F6ydL4t0Ob1Pv2L%2BmwSJSCpnfGQ95YCCijB7jxo10gAxHeNcx%2FU1XLWO2H4zbs8nA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: XQgMPDVWVhxA2fBXXk7Bfu.xqq3CrItk
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: -tPlNaJHYwzf4JA3lZSNCICRqVgFnSQbd5HPUDu1rYJ6ovscZfuLkA==
x-hs-target-asset: FormsNext/static-5.429/bundles/project_with_deps.js

GET
H2 200 jquery-1.7.1.js Show response
blog.fraudfighter.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 36ms
35ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21561885
cf-ray: 6c4eadcfba477144-YUL
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRMIeYM0XxXDWRgOuafHR412Vyzbv%2Bl4ZHySBWx4Qt5nQyn3tS29y%2FTfrdoN1i5iTqvCI%2FLgaJEFmygOt2IZDSe1IZlqBbBzmlHgeU0xv5mMchwxPoVxU%2BjsLP2%2FaXV28OTV9C44Rihv0FmvDe1K2Vvlvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: PHL50-C1
content-type: application/javascript
x-amz-cf-id: RHjZeDWqfzWlZWUM-uXhoL3jjqQfoQcxon-T6L48d-6lzXpjjwX8sw==
expires: Wed, 28 Dec 2022 23:48:21 GMT

GET
H2 200 main.min.css
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48291557794/1635879973671/barricade-FF/css/ 20 KB
5 KB 207ms
205ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48291557794/1635879973671/barricade-FF/css/main.min.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aca30318a958c8e4682ad5be497e3169863683b6b8d3491520447aa9ccb73b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635879973753
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 5148e372b4ab17878741ea92be548473.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 7827NT7A01471AJN
x-amz-id-2: 6nrQK28dFmo5wnVMsyfZA/N0mYI6qnWPHTGh8zQaqVegN4cQD5Izbq9C3erAs6QIcZTB4XXBdhM=
last-modified: Tue, 02 Nov 2021 19:06:14 GMT
server: cloudflare
etag: W/"879379a08dd2de71ba75573a979c010c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfBIhc3ZZttoVujISHseMzPy1ieJ8Jiar7VUNRVbRK4CPI%2BXgrrNjuu6Plhu9Amy7gRgkKE68T9jRnt%2Fg4JzKe7rgt18%2FIf21VbBfKOqkLzfC%2Bi9g%2FLTyZwdpSLR5R7owxhgdURFv%2F1vvcOsXMM7639%2FnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: Z3.mfZpHdLANNzHchvLo1tB.mXc4xZ1W
cf-ray: 6c4eadcfba4a7144-YUL
x-amz-cf-id: UDXL3yJG2aG3ap7yW4t-1TVx2bwu3DGY4VmVmvNh40yNaxcQ2vj2xw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 blog.min.css
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48290785183/1635879972764/barricade-FF/css/templates/ 8 KB
3 KB 215ms
213ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48290785183/1635879972764/barricade-FF/css/templates/blog.min.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f594df637738a058ba8762605b5e41af3442363df95d698fc50f9e31badc13

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635879972807
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56059.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 7826HRYN9B5VBWRY
x-amz-id-2: IJhflrlzyPNbwNquTe65HoIouLALQbeH01JmwEn2LRN5fN/Upia3INkYddiA8g3rhEIugXMSr2Y=
last-modified: Tue, 02 Nov 2021 19:06:13 GMT
server: cloudflare
etag: W/"21d5f93ff8fff92d5833c6f3bfb1b83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlOUdQwRX8oy%2BjFxAVhah%2B6MOZZ0J4GYptpS%2BkbT1Lle4veVf3iTY8KKtB7Po36futNBTsjmADLX%2BkaepUa19WpPDtsEvuv17B2zqupQ%2Bf7BZunu2Bvgm0%2B53fMAeM5VtFmXiqWuSYo29VLjJh%2BE1C4fUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: gTPcZKwOsyf8NREy5W4rcJ3xm45LEidX
cf-ray: 6c4eadcfba4d7144-YUL
x-amz-cf-id: OsYrZ0NI4SmfHt0UK_AJ0Nn0rv8Y0wy5lYg0jji3ku67_7-2Ymrblg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 theme-overrides.min.css
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48291530392/1635879971254/barricade-FF/css/ 19 KB
4 KB 221ms
219ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48291530392/1635879971254/barricade-FF/css/theme-overrides.min.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061dd1f8e2ad66edce1af343fd19163b17ea1e34e213e8b9fd90e838ce8eff93

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635879971339
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 782CVJNVXAT5MNKR
x-amz-id-2: yb0UEOOxuuu82hhINq4hQododARkpbUyXy3hQRZSe1vOMptDcBjKL1InG5h/ntzfJ5LrsfP1JtY=
last-modified: Tue, 02 Nov 2021 19:06:12 GMT
server: cloudflare
etag: W/"81eec7135f85d6f44ca87a89f9193308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IizNWd%2FWf0V1fHO%2BlKuuN160393nt%2FgJEslLmsk7A7R8%2BzRnbh%2BIZPpBOIGdW4HGxn0%2BVEEOxOMqrHrunZ%2F5RUIqC%2Faja83%2F09d0dh3qaUOhqLLRcPI0qB12VCs%2FZURdFqOLKc%2F3XMpCovE4v0GlQoiKBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: _kbZYoj0U8PDKJLXf3bNzRwMwkTu7OYF
cf-ray: 6c4eadcfba4f7144-YUL
x-amz-cf-id: id5tUUdzf_d5rSXifVdwfrUTOt9a62uHYsvBYOjnmaiJsNdBgcLzjw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_48288020863_menu-section.min.css
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48288020863/1622676051601/ 5 KB
2 KB 227ms
225ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48288020863/1622676051601/module_48288020863_menu-section.min.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d4aed1e04888d50cdc4b5c5950a9821927de85bf03262c5b8c937756d08c58

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1622676051602
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 7822SR1JYXS73FKF
x-amz-id-2: KEosXZLlD1EaO0q5Q06p3tXzvtX+77+s9Z1ckRStesG1p0nd6Y1gyY37KH1pFy6Zch6AR5LBa5Y=
last-modified: Wed, 02 Jun 2021 23:20:52 GMT
server: cloudflare
etag: W/"e1ad23790ce2881b11d87abafd6b5808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BUK380yxgBtWcOUEDGA1VKShiRdOrUf1QPStLXWNkr7rKuNGqzGbDc6Ll1bH5603RUMj5WQpnH2%2BviG6757Rse%2FmHJKPJiNcA%2Fb07hCQeio95rr193F4lw1xSwG3p9FuQdZAu4ygZack%2FwsD%2BsO8nGQcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: GM0d0ek8mUqE9KpdHyCis6Zk32L8smwf
cf-ray: 6c4eadcfca517144-YUL
x-amz-cf-id: EFBlZULHVNGkDiSOFtDQhmQEPbnv6jMXXojNKlgFuY72bNuBvpO6fw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 comments_listing_asset.css
blog.fraudfighter.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 1 KB
880 B 42ms
40ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 039b6acf310ef8fb314d9bef263bf88a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 974676
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadcfca527144-YUL
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"6b1d31d121f4c84e5ee3b7d7446495d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLrH7o6dztoIrON7N90ARKp7Tp7abCk0NTt7RBSoDJOAmn5W78BZ7R06kSLxFuLbMf2gHROfY9y8%2BcUgDTNjtMuGRG7B%2FhImUlY%2Bo%2Fo8fJ8kXOIX3cP1AVOh4Bk54ILaf5DZ0Ni71lHVRK%2BXjirZu%2BI07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LQgaE1SSZjkxZtePb5jE9vLc6kDw7LTx
cache-control: public, max-age=31536000
x-amz-cf-pop: YTO50-C3
content-type: text/css
x-amz-cf-id: WCj5TRocI6ru1zfsp0LduUJhH_RpqqpJflOtd7VQdFTats0tXkYSxA==
expires: Wed, 28 Dec 2022 23:48:21 GMT

GET
H2 200 module_48291530378_social-follow.min.css
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48291530378/1622760737132/ 441 B
828 B 207ms
205ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48291530378/1622760737132/module_48291530378_social-follow.min.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9c25dd851a7543634a1f2e9f83f69584b118d0851bebca621314db90560a26

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1622760737132
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: M9QVGNSKVB7WTYKT
x-amz-id-2: CjKNslOf16w3NJOahzFuFxZySvjlkpCI42Xppop6Nd4EenE1ksSuvsULNQMPmk94kWWVdGjcAKw=
last-modified: Thu, 03 Jun 2021 22:52:18 GMT
server: cloudflare
etag: W/"1a0d81cf3e33943719b1270e58c3000d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBMqo%2FBSHbASlpPlbSyKHSZLHvuON%2Foqw3KNkrdE8Ad3XGQlT1j7PkWnYqo2QT9srJm44Q%2FSvodWGKmWzAd2ukNPaIMeFq2qoSjWfRX0Ub6uD3x1wpik4OkeZLdlmb5yqE8S6QFPCwM5bUWtN60zMrg7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 4jxNAWHDt8VpgpP54S4mO6cJm0ZW8zku
cf-ray: 6c4eadcfca537144-YUL
x-amz-cf-id: pbTGYvG2BoESP4B_YMsD-8Lrzz3otfwS5gC1rj3zfeQ94KavF2KfIA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 css
fonts.googleapis.com/ 6 KB
915 B 108ms
47ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular|Open+Sans:regular|Teko:regular,700&display=swap

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e62e9d66b785bac35a0a6269c2ce4f0fe0c926344b6df9da5b38a949bd0fe5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 23:48:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 105ms
45ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900,700,300

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 23:31:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 23:48:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H2 200 font-awesome.css
blog.fraudfighter.com/hs-fs/hub/76574/file-1695441182-css/Fraudfighter_2014/Sidr/ 25 KB
5 KB 239ms
237ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/file-1695441182-css/Fraudfighter_2014/Sidr/font-awesome.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb818836a70f7da289ce43e670611da138b71cb3fffedec4297b103ef85d10e9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 b9d1b307966c2273bf97ed7c681603db.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
edge-cache-tag: F-1695441182,P-76574,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
last-modified: Sat, 07 Oct 2017 23:50:30 GMT
server: cloudflare
etag: W/"363a44d1cabfac01211fee0ce76ed296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXSWb9geCYL%2BXi90eS8%2F1xx4uFZ8bhSvigvQRHlKNdmFFM%2BY8PbG%2BqZUEYIIgJpCVajS%2FlmKymOECQCxe3ZP5Wi5rmmxtXyc0xBPnZ3y2EMYLlM4rpgDqyWpATW2e0UfTdXbSGh49cBleE8Et6EepjozMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=60
access-control-allow-credentials: false
cf-ray: 6c4eadcfca557144-YUL
x-amz-cf-id: 4CjRWMFM5MPQOWqSb3NFGaeH2Iiq8RRqqN3twnK1wxrV5Ei0R9d1Pw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 jquery.sidr.light.css
blog.fraudfighter.com/hs-fs/hub/76574/file-1695915800-css/Fraudfighter_2014/Sidr/ 3 KB
1 KB 273ms
271ms Stylesheet
text/css 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/file-1695915800-css/Fraudfighter_2014/Sidr/jquery.sidr.light.css
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13345c70af090d27a3e860deaf5c4b4dbbdcc04282dccbc1a35ff92836414a5a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
edge-cache-tag: F-1695915800,P-76574,FLS-ALL
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
last-modified: Sat, 07 Oct 2017 23:50:31 GMT
server: cloudflare
etag: W/"7a26f5e0e8ecb29a21ac59e051582829"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ap7dIabW2RLI9uOfdh2Nb3HjJLhH946Sjgx5MxXqbE0h%2BXr3jCUzU0JAJ1gcYFtq4aEgWFZFUHRCDlbpO8Qo5yvond%2Fv%2FaA0DDKeOqdS16Li0v%2FzUH5GeSWhtQOEKvYzBSsD7yBTAgTSYalo1VtvrmuDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=60
access-control-allow-credentials: false
cf-ray: 6c4eadcfca577144-YUL
x-amz-cf-id: sDmelQQNgmhXSNVlACZB9UTYe6sugUR7TQzmQSJcsSYYdSyuXuwxuQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 jquery.sidr.min.js Show response
blog.fraudfighter.com/hs-fs/hub/76574/file-1692043488-js/Fraudfighter_2014/Sidr/ 4 KB
2 KB 287ms
286ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/file-1692043488-js/Fraudfighter_2014/Sidr/jquery.sidr.min.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078f.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
edge-cache-tag: F-1692043488,P-76574,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
last-modified: Sat, 07 Oct 2017 23:50:26 GMT
server: cloudflare
etag: W/"6797bfefca61c7fb237f40435b17293d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNpcaYlv4LvLs0s4nTiHlpkxxafBvGchY90JKOcZmN3Ekmg00AQqwkmeNDw8ACVFRi4lkHy%2FbufSDa4pbonVy2er8VCqNb3ftK%2FA%2F1v%2FFTd9CnNr%2Bgf24VGX%2BshpIuveBxywutm1Vk9gviwu%2BlbPBiDIwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
access-control-allow-credentials: false
cf-ray: 6c4eadcfca587144-YUL
x-amz-cf-id: SkgNHxiaHSanuKM6a6lbBMk6-p-xxTibEsM3SwaEGW9DAQUovqAdrg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 108ms
51ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-CONVERSION_ID

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ada879c9222b241c6198d57c379198d8fdec997caa292dcc520f9fa24295611f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39569
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H/1.1 200
OK 198388.js Show response
secure.hall3hook.com/js/ 5 KB
5 KB 348ms
92ms Script
text/javascript 40.78.102.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.hall3hook.com/js/198388.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.78.102.238 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 624c52b109cc96f687bda4995a863ad9e97cde51e7f18b6eb0d04b8be6db2a5e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 23:48:21 GMT
Server: Kestrel
Content-Type: text/javascript
Expires: 0
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Length: 4954
Request-Context: appId=cid-v1:d25bb469-d549-4f46-8a4f-21a633514f1f

GET
H2 200 in.js Show response
platform.linkedin.com/ 201 KB
61 KB 213ms
54ms Script
text/javascript 2606:2800:21f:edfc:49f9:c096:a5a7:75f2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:21f:edfc:49f9:c096:a5a7:75f2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (chb/0289) /
Resource Hash: 38209245677af32c14c5afb4c241af38bf349b75150f1afca8230f2757e82b2e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1348
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 62394
x-li-uuid: AAXUPSR2fczLmu9XLj+3Lw==
server: ECAcc (chb/0289)
last-modified: Tue, 28 Dec 2021 23:25:53 GMT
x-li-pop: prod-lor1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lor1
expires: Wed, 29 Dec 2021 00:25:53 GMT

GET
H2 200 logo.png
blog.fraudfighter.com/hs-fs/hub/76574/file-2037847948-png/FraudFighter_Nov_2014/ 5 KB
6 KB 246ms
244ms Image
image/webp 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/file-2037847948-png/FraudFighter_Nov_2014/logo.png?width=239&name=logo.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947c2f6f0e6762a16392002d723036a25aa88655e807b3c519c8fb21deeda917

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 68261aebcfc232344da2ef3bf1d3f9eb.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
cf-polished: origFmt=png, origSize=8595
edge-cache-tag: F-2037847948,P-76574,FLS-ALL
content-disposition: inline; filename="logo.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 5486
x-cache: RefreshHit from cloudfront
last-modified: Sat, 07 Oct 2017 23:51:09 GMT
server: cloudflare
etag: "1551c180e597b094d11fb3cf7df82977"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRbd9%2FMnbO5EzswXuZm55jOd9LvTD7drip74T6firDS7fY%2BrB3dAttKmDh%2FVjk3fqWWHRDOT5EX2VSlyVKyYWTj4ZW2vgXnfjtOcSG1cVyhJjjNZgvAUxGBGcQnRCSSeZL1kakPBiXcCbkm1aMI0SOtoAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6c4eadd21cfa7144-YUL
x-amz-cf-id: fYH0mYlKP-C65H3MnYwXy1YxrP-4dfVYDeG9r5e15UMG27dSsmH6NA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2

200

default-80
avatars.hubspot.net/
Redirect Chain

https://app.hubspot.com/settings/avatar/241f08e6d94402150d9c586c84a5dc05
https://app.hubspot.com/userpreferences/v1/avatar/241f08e6d94402150d9c586c84a5dc05
https://avatars.hubspot.net/default-80

354 B
1 KB

68ms
23ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-80
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 73237
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadd3e8277150-YUL
content-length: 354
x-amz-id-2: 89aZM67YQpKzEwpF3kCTuR3j3YuEp6A7ozVLH/WN/1oIHGhBUg1tgqbKIWfbWnrWejkKx6sDPWI=
last-modified: Fri, 18 Sep 2020 15:59:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768624/atime:1484768624/md5:f9ac484f1e674f1b05ddaf662904d2d3/ctime:1484768628
etag: "f9ac484f1e674f1b05ddaf662904d2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HhLiojYNj7C2YyL%2F%2BNnnVFHKPkkMkoub4xbhJnM8nzmnvYQd6eeOMlbMAWccbBzCMwKK36Q2UZMvL8R1sWRf%2FsfZBirhWQM5Q8NtQp2t1%2ByvW%2Fs7wados%2BBOr8GIzWlEHdvkpw3%2B7IT3Y4WHKPcX4M%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JPDCQX68RN490GJ1
cf-polished: origFmt=png, origSize=635
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Tue, 28 Dec 2021 23:48:21 GMT
location: https://avatars.hubspot.net/default-80
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: c69bc293-b256-4142-8716-7f18424014c5
x-trace: 2BF7E19237AEB9E6522392341BE6721272E77F8C78E4C49F677A8F0B8C01
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cf-cache-status: DYNAMIC
vary: Accept-Encoding
cache-control: max-age=0
access-control-allow-credentials: false
cf-ray: 6c4eadd308b44bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 undefined.png
blog.fraudfighter.com/hs-fs/hubfs/ 107 KB
108 KB 320ms
318ms Image
image/png 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hs-fs/hubfs/undefined.png?height=420&name=undefined.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2f67cb6a0819ac8b9d05f033405404db6b375e2b0c41415732cd70cd6c73c5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42654684490,P-76574,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 109729
last-modified: Sun, 12 Dec 2021 18:38:53 GMT
server: cloudflare
etag: "7e7ce08f8e719aea477f7cf92743069b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIDAEBhfqGZln86GdcrugVZCG9m%2BdN5bhLXYKxrAFOTwFqnWjPi1kjae5Z%2BrUjy7YJ6j%2BKVbByzkGlw18iAjj6pQ3scOGrlCBb3T%2FxaPc24mNKyrCHqFyaQaSf5dIwhzzgKUTcCjrZZSw%2BaDg34hf%2F0nXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6c4eadd21cfb7144-YUL
x-amz-cf-id: ImLqVrjLhDU9hH_yagm6KGaU2wbchYRANAV3V-qbJp6xmLmCnZeXAA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 15b08b2c-e504-40fb-93fa-7f029ace9568.png
no-cache.hubspot.com/cta/default/76574/ 16 KB
16 KB 137ms
97ms Image
image/jpeg 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/76574/15b08b2c-e504-40fb-93fa-7f029ace9568.png

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf192d230a1cbfc9b5a4f59aa5a15f18e450792043cfc3820ce395152e92b155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: S6VEGABMMTE84BQD
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16004
x-amz-id-2: QkNzuqc/gmbwCEsJlk1nPvWA9sQkIbkCd8MoAxELPlz60DCKj97qdj7KAcH0pkPJXyy3/L9wubg=
last-modified: Mon, 08 Mar 2021 06:11:55 GMT
server: cloudflare
etag: "027ba85b0bd1d2e26247e5a0e5c568e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYoCkksPHJyE11FHu2W1WnwfMJCOX4zuiGNSIbvXpisaQNVR0aLzYZXJQ0VIEnxIb7ZVKwf4YO3sor6yBB%2FkECZyTE9FjSk4kp1rcqWP0Qa1hUHRKPrDc4%2B0WEdxejUY91bW%2FbPIK74XTo%2BDHk7veVz1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 6c4eadd25d434bb9-YUL

GET
H2 200 current.js Show response
blog.fraudfighter.com/hs/cta/cta/ 15 KB
6 KB 35ms
34ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/cta/cta/current.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

139ef45414de3cfdd6f9f835e1c6c823e272077d681e1f7002ad2337adfe763e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 142
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.68/bundles/current.js&cfRay=6c21a0e71411713c-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c4eadd18c427144-YUL
last-modified: Tue, 30 Nov 2021 01:08:26 UTC
server: cloudflare
etag: W/"cfafba4e004c0a83b025f7c53b683b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBWRzvKVIosNCdTpJSuPkLnQjbrue4mhLRezu2bTnnwrVjxZMhpBX94Ul%2FPYWB0uN0pqpEMW5yE9CCQvQgl%2B1JrP%2Bt%2B3lyYxFnIMJnlrJJGG%2FO3frtotEivBz6zKXUTRbnIGS6OjVFPTyfVZqEGRF1Ufng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6ptpsjcKAFwLr0kxY4mzTNXp0BbdP5LF
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ycR44FE_RPPNetaPd_FyVxiSCxne5HFGDIGDAqZtPEW0WW0E2wudug==
x-hs-target-asset: cta-embed-js/static-1.68/bundles/current.js

GET
H2 200 fraudfighter-logo---white---125.png
blog.fraudfighter.com/hs-fs/hubfs/2016/icons/ 1 KB
2 KB 37ms
35ms Image
image/webp 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hs-fs/hubfs/2016/icons/fraudfighter-logo---white---125.png?width=125&name=fraudfighter-logo---white---125.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05047e12878d3add3236728f725f460b973c54616a9cf391273d01791d06a9f7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 a7a1b4c19abc42d237405ce4c4069f11.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15542
cf-polished: origFmt=png, origSize=1903
edge-cache-tag: F-4583514477,P-76574,FLS-ALL
content-disposition: inline; filename="fraudfighter-logo---white---125.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 1392
x-cache: RefreshHit from cloudfront
last-modified: Sun, 08 Oct 2017 00:02:31 GMT
server: cloudflare
etag: "60f955047dd5170608859c092d1594ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhj62%2BdTtWXPegQu1a8cES8yOJdtRiMuBv51RobSAR2hmcUtbfc%2BBZtYCJDoudAcdbDx4plDEotg%2FixxNPKNTvwntinlTC%2B9RQAd9iHYDbKMzruJID5zsnspE80U%2FqfsdI9EgRyqFHnjX9bb7Rt5Lzy1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6c4eadd21cfc7144-YUL
x-amz-cf-id: isRj_LC6S6sf5SCYmYbdtYxb9fWqTxM-WbnjccVdB15iaMBWk3Jcmw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 99f422fc-e5f0-46af-9488-5b6bbe77a215.png
no-cache.hubspot.com/cta/default/76574/ 2 KB
3 KB 131ms
92ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/76574/99f422fc-e5f0-46af-9488-5b6bbe77a215.png

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2668945b573de2e6a14c00d217a90591eb0a0a4d3508b9bb32183a934c219a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: S6V5SXGN243SJFD9
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2391
x-amz-id-2: kocbjZEu/DgDvwpG3QysaTvx+tICeqtZ/Xf/m4W5FzUpH9xeN1GmlYD84Ua24RWGvK6aKxtWAi4=
last-modified: Thu, 03 Jun 2021 21:08:51 GMT
server: cloudflare
etag: "17045086fa4c322189824c65a2fa245a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao%2BH17Ja1ZmOlAGyZjSxmygTINkCVFHj8HcvAnRr6NinpiglZB7SuxJFD7HegLrwW3rzHt3La4yBx5Czcu8XiSy1L6L4zS6%2FeT9Vjc%2Bx6d%2B8SQ6Uwkt8ZuvBkJKiW8R9UMKhe3bQVH%2Buuwwqmc%2F9GaHr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 6c4eadd25d444bb9-YUL

GET
H2 200 main.min.js Show response
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48289297274/1635879973209/barricade-FF/js/ 1 KB
1 KB 232ms
231ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/48289297274/1635879973209/barricade-FF/js/main.min.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6a362fdda222c7db89716a43b8399aa49fb578c2c4fef6331c661c1bddaf25

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635879973478
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 cea67f5ca1b497624430e599aa6b7c63.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 493NR2N3DR1NW7E4
x-amz-id-2: sLik49CeigRQBEbrZDZ0Inr0v3kC8yAPl14cW0ycjQ16lzBHv5EHqwyK6cmeC6Bkk70zvjFZbV4=
last-modified: Tue, 02 Nov 2021 19:06:14 GMT
server: cloudflare
etag: W/"1f43931480c5456d73b9d3bad02d9574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fb06UVEdvhnItblCsfROdyRMiHg0PB7AEi0YQfDiM4nijM2r7fSeg7bJUHsktRCN29nzGRRALzcGQM2Lfn0HxFXf%2F8iDhT7Gf1EKpYxZXkGEEn3cS5RP7xcsIAsgIJURW5nybSioz95ycsuMAd1oi8%2F3Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: _eHn9G.10SuUcPdsjVPhO0LNqTHnoXBh
cf-ray: 6c4eadd1ccab7144-YUL
x-amz-cf-id: qcj0aJpjM65lK-I3NVl_xppGT6lnbjGb88GU786s6c1pmnZBsHC3XA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_48288020863_menu-section.min.js Show response
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48288020863/1622676051503/ 7 KB
2 KB 192ms
192ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/module_assets/48288020863/1622676051503/module_48288020863_menu-section.min.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53314e26abc9c20c032c5b9f9346b7c6dabb9f93eea7ef64610dac7362df2958

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1622676051503
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 3KEWJPZEY8GSB3CK
x-amz-id-2: a6GqO2c3IO6kPSFhpaipmF+ExSyHCrfoYrtuDFTdB6RKFPDAf5ooxs7FTdPEKb/xyXv4zjzJlLE=
last-modified: Wed, 02 Jun 2021 23:20:52 GMT
server: cloudflare
etag: W/"229f983a7dffc0c1018849960df1fbc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq8sCzUxNXDPbl5LLNGQ7dH092zNs%2BBEQ0jjycGbTs9ZzYbJALo%2Bd%2B2mjAcz5x%2Fvyagm4qouJxeYD%2FLlc%2Bp8DMNk4qjffLFBYfDT6RA8%2FU0MCdoigV7%2B8Mzjor7F5sKTortpNi0VhFBrIpQjV26hT3qfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: l2KihOpRuBs14ObzsHV3shM__lJJFH7N
cf-ray: 6c4eadd1fccd7144-YUL
x-amz-cf-id: 56Rspk89uReh9Yre4lPrRP_aSdZJA0Yx66ReDCHxJk95zd0sDnuINA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 76574.js Show response
blog.fraudfighter.com/hs/scriptloader/ 2 KB
1 KB 90ms
89ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs/scriptloader/76574.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04a65134e3bb4f9e8f5b6f4f9b052a24c114e42aebce2216f7d8d65b8c93637

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3102cb5a-3d64-4f96-9073-36b0bd6c4d71
last-modified: Tue, 28 Dec 2021 19:38:03 GMT
server: cloudflare
x-trace: 2B4B20CE3487CCC5B5720D0CAC4306134205E52C0F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSB%2BoC1%2Bs9nE2I2vTEFj%2BxUo9UdbNCgIeZUm7ybCNbSfsuunjSam6zPCxOJQFjljXhFm1XKFF98A8rCO3wmALxZ3Q5RI8xu3ToQcHUmLrH99Z57SxNoNu62WwjF5AY%2BZs7OcwXmj2eXSB%2FzW4kMMutla9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.fraudfighter.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6c4eadd21cfd7144-YUL
expires: Tue, 28 Dec 2021 23:49:21 GMT

GET
H2 200 Fraudfighter-main.min.js Show response
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/464698846/1571301026254/Coded_files/Custom/page/FraudFighter_Theme/ 1 KB
1 KB 215ms
213ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/464698846/1571301026254/Coded_files/Custom/page/FraudFighter_Theme/Fraudfighter-main.min.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a6a129b104c170217739cda797cc6a9aa0e21a19a0de30e6645cb8784490bf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: Q0X7W4ADES6D94G6
x-amz-id-2: UDuDub39AWlsPD56tstzpIx2iQuNKVAWg4j4CdqQBm2mdh2e2318GqZIXgoSOTc8TNEzmhHNcIY=
last-modified: Thu, 17 Oct 2019 08:30:27 GMT
server: cloudflare
etag: W/"5075551a8ed1a8f1ad10e82a9660d00b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbkLg3H%2F%2FMkEi8qm8mJNOtjCDT0bEVCqOom8lwJmXq81rlYTIN50t2mwAONDYveC4nON7IboZgFksGLaOaDeXknentjBp1y%2FgEVCMI8YBMmpW8mvSvQcm9jmaScZpSxfZb%2FAYG6bHEs4LfBEHg5P%2FJ4XVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: eyc.Qv17jWlqb1H5Qu.oEfXUWMRwCBmu
cf-ray: 6c4eadd21cf77144-YUL
x-amz-cf-id: jcue_SM1xMy87Rc04UX13Iqb1d1pxapK8JKU_Ulm0JvYaVc9dKTBzg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 integrations-hubspot-v1.js Show response
fast.wistia.com/static/ 44 KB
9 KB 64ms
13ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/integrations-hubspot-v1.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e7cea768f47ae3a1746cbb1030d5e773dd5b38892c49b1dd88e9656e0bd4018

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
vary: Accept-Encoding
age: 1896
x-cache: HIT, HIT
content-length: 9034
x-served-by: cache-iad-kiad7000067-IAD, cache-yul12827-YUL
access-control-allow-origin: *
x-browser-version: 96
last-modified: Tue, 21 Dec 2021 15:15:28 GMT
x-timer: S1640735302.504882,VS0,VE0
etag: "61c1ef90-234a"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 Fraudfighter_November_2014.min.js Show response
blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/2051074399/1571301027303/Coded_files/Custom/page/FraudFigther_November_2014/ 3 KB
1 KB 175ms
173ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/hs-fs/hub/76574/hub_generated/template_assets/2051074399/1571301027303/Coded_files/Custom/page/FraudFigther_November_2014/Fraudfighter_November_2014.min.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6340ccf31c4c390375a5d8cfba87d219e27e19752579534c9e8314740b4e20a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 615f410a3a080a335933e9fa08c15261.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: VSA51JDBGA7SAN4D
x-amz-id-2: 3jgCGweiOw5l0HImDiyr8eS03Gp+nt4w5oj7/aHnO8/HhAxrXr+DxmpRkHQhaPwsY7aDYpu7RC8=
last-modified: Thu, 17 Oct 2019 08:30:28 GMT
server: cloudflare
etag: W/"63729d370293e20953587c73cacad16e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIitZVn4JMR7GS7j3Yh8i8PQwH%2B2UejKndjVSwpA7fzucI%2FrfmoQ4qT1NYN7GyO3mXJwu7yS1FH1t7O5%2ByY0FIEQhRp1vM9Vj%2FmiHdAGYWr3LKstf0CPp8HedYHz%2BH%2BM4yDoGj3Y%2FXps0hNjYu4jSjQkdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 8C.v2Sx5vVgfUy9JIYT_WbqjV13Vy6F0
cf-ray: 6c4eadd21cf97144-YUL
x-amz-cf-id: _gR9aJjjvYIWn2HX8xrJdlrhNYYN_IM-PNP86-8-bvO23lUMbjVa0A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 125ms
51ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

dadcb61725f4f875aee4816ce3eafd8d1b544a5350796e5e875e62ae9cdf6172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17611
x-xss-protection: 0
server: cafe
etag: 6886643199593491833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H/1.1 200
OK Capture.aspx Show response
secure.hall3hook.com/Track/ 0
184 B 101ms
100ms Script
text/plain 40.78.102.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.hall3hook.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=198388&trk_sw=1600&trk_sh=1200&trk_ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&trk_tit=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&trk_loc=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=blog.fraudfighter.com&trk_cookie=55cece7d-29c2-40ea-9237-177628557ff4-c198388-sw1600-sh1200-ms1640735301424-r8852761
Requested by: Host: secure.hall3hook.com
URL: https://secure.hall3hook.com/js/198388.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.78.102.238 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 23:48:21 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0
Request-Context: appId=cid-v1:d25bb469-d549-4f46-8a4f-21a633514f1f

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 103ms
52ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular|Open+Sans:regular|Teko:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 22:28:21 GMT
x-content-type-options: nosniff
age: 264000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 25 Dec 2022 22:28:21 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 99ms
49ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular|Open+Sans:regular|Teko:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 04:58:07 GMT
x-content-type-options: nosniff
age: 586214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 04:58:07 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 85ms
35ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 00:38:10 GMT
x-content-type-options: nosniff
age: 256211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 26 Dec 2022 00:38:10 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 71ms
21ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:34:02 GMT
x-content-type-options: nosniff
age: 65659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 05:34:02 GMT

GET
H2 200 LYjCdG7kmE0gdRhYsCRgqA.woff2
fonts.gstatic.com/s/teko/v10/ 13 KB
13 KB 95ms
46ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v10/LYjCdG7kmE0gdRhYsCRgqA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular|Open+Sans:regular|Teko:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3a8b7336bec502f846c8101cd4b1a751bdbf3d3fff3949949462517f27e1cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:58:05 GMT
x-content-type-options: nosniff
age: 539416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12888
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:54:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 17:58:05 GMT

GET
H2 200 undefined.png
blog.fraudfighter.com/hubfs/ 218 KB
219 KB 317ms
316ms Image
image/png 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hubfs/undefined.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6986db0e9b9884574d7ef57c2d4e27b2df248fc81f1ef5e4133af1160f9925c3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-42654684490,P-76574,FLS-ALL
x-amz-request-id: S6V2Q3R893SEF7GQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42654684490,P-76574,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "a88c7850ac3504dd4bdebba34927f413"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1615182656157
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK51-C1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-meta-index-tag: all
content-length: 222845
x-amz-id-2: 8z/qOl+jONKW896tzGo3ufQpB4rsvT0lZuTTsU/JP8kDyG31JylG8ayi5DAQKUPSJfCiKEHF904=
last-modified: Mon, 08 Mar 2021 05:50:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MhTHTfypXuz0cmHseGZj%2F1u0R6l2ck%2FVi20XQzdYwBI%2F5Xch4qHFQqEhzxAcdfxQB9%2FWR7rxwSojsZBLFwJxnncUXbpoZm8H9mxzT5YmQ5oi3sctvEOSEx9pzPcPHMcAK9g1KQIgpPuzrMjXkKtQPU3Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1hHqrACYOImNi9Gw9uBtIRQC_me5LCs2
accept-ranges: bytes
cf-ray: 6c4eadd25d557144-YUL
x-amz-cf-id: Zto2Wmjso0YJQ4hKt5pp-hHKmVfKjlyHrdivfhYqhKWJt3e76sQnCA==

GET
H2 200 undefined-1.png
blog.fraudfighter.com/hubfs/ 51 KB
52 KB 235ms
235ms Image
image/png 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hubfs/undefined-1.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3febd11da2d083ff7ff6a7732c83bc5d2a747a09ef72fcb4fb744eb01ae5e84

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-42654677177,P-76574,FLS-ALL
x-amz-request-id: S6V2P7BMD4EJS2V0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42654677177,P-76574,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "cdb6bc87a6bcd72ceb0821a98b1797a3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1615182716285
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 027e28c3e3bc8e973485de11ace0dd5d.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK51-C1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-meta-index-tag: all
content-length: 52546
x-amz-id-2: TJr5Ol59KRKVUV4PMUbHASEPpzEUe4Pk6DrDhUGEpqefc9a8pjhZVBVslQmBHxK5/p4FaMTRdLk=
last-modified: Mon, 08 Mar 2021 05:51:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8DV2Rao2QWn508oXhADtUNxOlJu0qZV4S88QEHF1zigR323MQ1OGR2Z9SoISD%2B4QKgCrOeG3Ub%2B5Xto4I00kx3x%2BgtWofs4cU6DcX5b4Bf2YpNNmWzLKUZogc8lc3z5o7HcRAOPIiSN40TFI7vkisuXow%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: I3sPIaqq6BK40EHXw51bdH2B9HkLO8Gt
accept-ranges: bytes
cf-ray: 6c4eadd25d587144-YUL
x-amz-cf-id: y7ZiaPt5nrjspWVrURGb1uFRD-RhRtx4T_dIMbgqM41kW4uZZYcpOg==

GET
H2 200 featured-graph-588x352.png
blog.fraudfighter.com/hs-fs/hubfs/Blog_images/ 29 KB
30 KB 484ms
483ms Image
image/png 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hs-fs/hubfs/Blog_images/featured-graph-588x352.png?height=230&name=featured-graph-588x352.png
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98d9da36eb33d8171372b4bd51d5e6e0c018ae3eddb24dd2b23fae44aae01e4f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-3321111252,P-76574,FLS-ALL
x-amz-cf-pop: JFK51-C1
edge-cache-tag: F-3321111252,P-76574,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: HM6NNA8A1W5K7549
x-amz-id-2: 33VjON08OpFVnTzomBpAJ9K9/doy0KgrBVOaks3HgbbKqmvnzKzgdH1QJUWEA0VVYJBY7uKROTg=
accept-ranges: bytes
last-modified: Sat, 07 Oct 2017 23:57:06 GMT
server: cloudflare
etag: "e6808727d28167f6d59e91f0c0586044"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F20hqeLgZikCcbuPG54NcIQfzg%2Fzd6Je1ZJ7ZRmKXBDKkZihFb3mFVm1U1FHLOZDFMb4mMiJMWJAPUIsqiFtuZ3tEx81H6%2Bn6GzwHESjEvnDTquRddAC1L%2FV3BvhZ0XkaTGoUu1PXYB6G3Ou3ZTe5a38eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 8RkkWXNmhgjQ0k.L2NmhsEBT4ilVvuAK
content-length: 30191
cf-ray: 6c4eadd27d847144-YUL
x-amz-cf-id: rk262CB_CsooYBGSOAhU01tFyg3LwBM-AVoSBNZvIk4IhSpxGrTYbw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 fast_food_pos.jpg
blog.fraudfighter.com/hs-fs/hubfs/Blog_images/ 22 KB
23 KB 257ms
257ms Image
image/jpeg 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.fraudfighter.com/hs-fs/hubfs/Blog_images/fast_food_pos.jpg?height=230&name=fast_food_pos.jpg
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3b64c4dbde7483c980b04b7fa19d1c12b44fefb261af65cb07ae437fe6cc0e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 b9d1b307966c2273bf97ed7c681603db.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-4025726380,FD-3465603155,P-76574,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 22795
last-modified: Sat, 11 Dec 2021 00:20:40 GMT
server: cloudflare
etag: "6a866d7c1edb580ff8f4e0cd97a7a087"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF0xU1%2BchaWOfiFDOQBvHDi4YEQYYqWa4Y%2Fb1f1Xs7FLcyS7YNdjDbA1PBO%2BRIAYa%2BJnlQdI1Syw%2FLUI61fD0z5htJr1t%2FTcKkGql1MOQLPcgMANhf5dij%2BxlyK%2BlcwFMGzcjZlnPvjTJ6kPO6plSjQpog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6c4eadd27d897144-YUL
x-amz-cf-id: T2-2LTi_F0QpBqSjn-VItqYzd_6P2oYCFX78xSRZXcpocTszpqp4uw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 77ms
77ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-CONVERSION_ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H2 200 fb17fa63-182c-4212-bf52-d7126330389e Show response
blog.fraudfighter.com/_hcms/forms//embed/v3/form/76574/ 20 KB
5 KB 74ms
74ms Script
application/javascript 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/_hcms/forms//embed/v3/form/76574/fb17fa63-182c-4212-bf52-d7126330389e?callback=hs_reqwest_0&hutk=

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

827632f426e0c0290d86b5d5879957643ea945f72644b7924f2c7d4476dd3ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4c6ef8d6-439e-4022-a89f-aa40f808f91a
cf-ray: 6c4eadd37eef7144-YUL
content-disposition: attachment; filename=no-rfd.txt
vary: Accept-Encoding
server: cloudflare
x-trace: 2BC2B8CFD4118E53CD12BA2F8D85B2E9F6F9AEE630000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NtLdBkHaP4GxYhvx6JtFI55P3x5SBwkZ4R3OoVdZerUpbgGje6kxSCFzMVhCl01t0yAY1VTamxDk5jUsT0TAxUJYuW9uibRQwfzD9rBJjNQ%2Fc2SF26szaPwlfRfmST8zrVS5pFd0cXRyAIgsvFsk3XfyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 76574.js Show response
js.hs-analytics.net/analytics/1640735100000/ 62 KB
20 KB 183ms
116ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1640735100000/76574.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/scriptloader/76574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f9fedbd4a344bf422418eaa6a8e6a4e5081875a09837ef99d437563aaa8964

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: S6V8EKWHK4D4MH6E
x-amz-server-side-encryption: AES256
cf-ray: 6c4eadd3e840ca53-YUL
x-amz-id-2: fbna0f1gNlNlB9CYcp1K3R3SjH00vOpKY1zXpHu+AMRg8732vHznayJEAH+DLbbrdR8eM7cFZnI=
last-modified: Tue, 23 Nov 2021 14:37:42 GMT
server: cloudflare
etag: W/"0c3383e5c9265aa9d4bb678b3d5073ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 28 Dec 2021 23:53:21 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 77ms
28ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/scriptloader/76574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 145
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.260/bundles/pixels-release.js&cfRay=6c21abbdeebe7138-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 21 Dec 2021 12:57:36 UTC
server: cloudflare
etag: W/"4810ba79843c6ef24b5495e240dece67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Boqywn5qgiRrIgfbl8XekFtn0W1ZcHLq
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6c4eadd3dee94bd0-YUL
x-amz-cf-id: Q_s-S6FryTVoDyo0h9_u165UHyNX49DLq7PmUSGUGYlhkySD7UmhLQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.260/bundles/pixels-release.js

GET
H2 200 76574.js Show response
js.hs-banner.com/ 60 KB
16 KB 238ms
197ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/76574.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/scriptloader/76574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35717662476b8860cad0880b7a1da6a0c0f3fbfb619935cb9924838eac75b4c7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: S6V2HE88HBVCPSBH
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: tqkC47CJT+DqMs4LmhG42MQtAEfr007RFiQFmFvlh1ae+CMCqtZCmeYP9dSNQ1zU/v9Xb5Nh+IU=
timing-allow-origin: *
last-modified: Tue, 23 Nov 2021 14:37:41 GMT
server: cloudflare
etag: W/"96627b59d4a79f18a57a93b503deeeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: khS6dlkoVxT01G6AQ_xasKc_MoXuFhiM
access-control-allow-origin: https://blog.fraudfighter.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6c4eadd3cbae4bbf-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 28 Dec 2021 23:53:21 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 74ms
35ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/scriptloader/76574.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a555.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 15541
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6c4598b669c754cd-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c4eadd3bac0ca4f-YUL
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CvikceMQ3ZLGY-VaZjwkuedBDUlpRr18IeUCJy4BmD6pLvvJqRPRQw==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071859702/ 2 KB
1 KB 102ms
42ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071859702/?random=1640735301674&cv=9&fst=1640735301674&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5fe1c575ed4c8cb5dc3c1fe6118010fc15f07a84ce9d1a7fc3b469299984bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 568e9f3dacb70f7a620001c1.js Show response
tag.marinsm.com/serve/ 12 KB
4 KB 90ms
45ms Script
text/javascript 151.101.0.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/568e9f3dacb70f7a620001c1.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

c1219785374752ce40e9954f8ce61716228769d7679ebecd7a82d77c272b7464

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 23:48:21 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4169
X-Served-By: cache-yul12828-YUL
Server: Cowboy
X-Timer: S1640735302.730252,VS0,VE35
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 94ms
27ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17afb78bd2b73c4010b358da89f5403625ac707dfcbc8f8e4e27b9a3bb51197a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ow2q+xAZlw6AqxnNpg1QTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Dec 2021 00:04:04 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: as4f6lcFIxtHTiIjkLt+29yXWPgtDZgQJiP8/8OSyYwxI0nk5Sj2nWBNugXeRM+h1Bgwi3JMC3584HPShjCBeQ==
x-fb-trip-id: 1512268381
x-fb-content-md5: 5bd243e3ee91144bd26ffd642a501569
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 28 Dec 2021 23:48:21 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5e16a4e2d63aafd04ee5644c2df07e99"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 126ms
31ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8198) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 23:48:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1224
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (cha/8198)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
540 B 78ms
77ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=76574&callback=jsonpHandler

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 09d0bee6-d5e9-4ac4-831f-82e801d0ab25
x-trace: 2B4C41EF8C51B27EABCFB1E71E8CA2D7D54EED5F19000000000000000000
date: Tue, 28 Dec 2021 23:48:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6c4eadd38ded7154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 7 KB
2 KB 132ms
119ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud&pageId=42654121989&pid=76574&sv=cta-embed-js-static-1.68&utm_referrer=https%3A%2F%2Fwww.fraudfightermail.net%2F&rdy=1&cos=1&df=t&pg=15b08b2c-e504-40fb-93fa-7f029ace9568&pg=99f422fc-e5f0-46af-9488-5b6bbe77a215

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0122e600a543be699b6cdcefcdb81288a9f206b79592a7b61191abbc5b653d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d8c02f29-9288-47c2-b3b2-9f0e7492a470
access-control-allow-methods: OPTIONS, GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2B742648060959C064F553571A4A4A8E9E6D6FF798000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZkZhlEd%2B%2FHpW1dBghUdPXsup2UINESr9LO1QrkgznMHwjB3I93Fc9VJrMRFWwGTVRz84%2BNqbbLgL%2FHoLlrGq%2B7H9ymbLwpAlgahb6ZjKT%2Fkpzseo7pN9wGsq%2FF%2FT0d5DP%2FhZ9vHX0gVSROLmr4ywFkzDTZxQe3OCR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.fraudfighter.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6c4eadd3aef54bb9-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 public Show response
api-na1.hubapi.com/comments/v3/comments/thread/ 76 B
833 B 142ms
97ms Script
application/javascript 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-na1.hubapi.com/comments/v3/comments/thread/public?portalId=76574&offset=0&limit=10000&contentId=42654121989&collectionId=442513759&callback=jsonp_1640735301690_89148

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d6e7c84e2afedeb10818be1ba71a1b8d73b5d0046c3a44047865ae65f35f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: e1046134-98b5-4418-8993-ee658d30d750
x-trace: 2B1367C15BA3E5523D98AD48C811FF3F64449F49BD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uAdIuh3f7wFDhHMtBsKooOY0Jct50cQio4KVI%2Fl3iFci6xudZ%2FYA6vIwVtnaS%2F5ULKPXwMFIAp%2BLA4udVSVQ8cdIw88Hxjfdfz0MtiWM5C2s12KiKuQ%2F4V3ZlUkkOmiauluyYG2zTxUDx4T6Wf7gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c4eadd3edd04bc5-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/assets/external/ 580 KB
105 KB 13ms
12ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/embed_shepherd-v1.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca56287bb2c937e0df8bc761a1b5b2b1d90184eefb3e0e90283beb0fe6f80b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: br
vary: Accept-Encoding
age: 1896
x-cache: HIT, HIT
content-length: 107327
x-served-by: cache-iad-kiad7000104-IAD, cache-yul12827-YUL
access-control-allow-origin: *
x-browser-version: 96
last-modified: Tue, 21 Dec 2021 15:15:28 GMT
x-timer: S1640735302.702354,VS0,VE0
etag: "61c1ef90-1a33f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 5

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/CONVERSION_ID/ 3 KB
2 KB 75ms
42ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/CONVERSION_ID/?random=1640735301702&cv=9&fst=1640735301702&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc123b8c2478f39918c42e034a51ad1097e2ecab81ab64ae7d684dd71f1128ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-loaded.js Show response
blog.fraudfighter.com/hs/cta/ctas/v2/public/cs/ 0
674 B 80ms
80ms Script
text/plain 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=76574&pg=15b08b2c-e504-40fb-93fa-7f029ace9568&lt=1640735301488&dt=1640735301489&at=1640735301842&an=1

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
server: cloudflare
x-hubspot-correlation-id: 917b580d-b137-495c-95df-002a36a06060
x-trace: 2BF3C11635BDB6AE203E7DB30CCBC92BBEC21009EA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvSz1sQpctqPOsj1Xu5%2BIPfpD5PdSKDl4lW8HaFYgm08YT5W7irzdPZnBfpbQkvaaier5vmxIhQKkA6FgAPB63pOe8AXJjb3WFZqD%2BxQu6OPhTdtDFWO78Y3JstfOo7gSFKl1bFwa8Mv6A6cuURMiRy2YA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c4eadd488ae7144-YUL
x-robots-tag: noindex, follow

GET
H2 200 cta-loaded.js Show response
blog.fraudfighter.com/hs/cta/ctas/v2/public/cs/ 0
674 B 78ms
78ms Script
text/plain 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.fraudfighter.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=76574&pg=99f422fc-e5f0-46af-9488-5b6bbe77a215&lt=1640735301507&dt=1640735301507&at=1640735301844&an=1

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
cf-cache-status: MISS
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
server: cloudflare
x-hubspot-correlation-id: 28078c85-870b-49d7-9147-bb9e4d76454b
x-trace: 2B20A80CF7782FEE8CF373BE74F51A3A5D568C866E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTZ1K%2BYKqBKCwKy1c3yzHqw8aM0GSlFnjWanSEGnMO%2FgRxtWojGrtanwXVQz1Z2U5v%2BqavLHiIMTzslrkXbWBj4ohIJIZj6YC%2BtloqYOQDMVZISYabEf5dIGKbZrVUYtvqzSdPmLvIyZyeGJv2xiXYqn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c4eadd488b37144-YUL
x-robots-tag: noindex, follow

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
548 B 108ms
59ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 64589e50-1674-4ff2-932d-1b2616ab6f73
cf-ray: 6c4eadd4dcf9713c-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
server: cloudflare
x-trace: 2BC6D729D17618876EE34F5EC3E8EC0554A9084626000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 190caa72-785a-4db9-808c-c129f6bde285.jpeg
f.hubspotusercontent20.net/hubfs/76574/hub_generated/resized/ 16 KB
16 KB 254ms
208ms Image
image/jpeg 2606:4700::6810:ba72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent20.net/hubfs/76574/hub_generated/resized/190caa72-785a-4db9-808c-c129f6bde285.jpeg

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf192d230a1cbfc9b5a4f59aa5a15f18e450792043cfc3820ce395152e92b155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 2EAJ6R0HGAAJDC3X
x-amz-id-2: SWfB6acoGGSo9WaeJwuu/e3e3ZMcmWK2o+Y3SJIcgYX8vbMdNDOKaLo69BHR9/DCGrJt1He26Xk=
accept-ranges: bytes
last-modified: Mon, 08 Mar 2021 06:11:55 GMT
server: cloudflare
etag: "027ba85b0bd1d2e26247e5a0e5c568e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 7h5iSqmYgEuy9WdPwv988uO6ExuFPl8R
content-length: 16004
cf-ray: 6c4eadd4ed427138-YUL
x-amz-cf-id: 3-jw6hrw7vOcDBH58HVIY91La8JNNfTxGQ5nLyLZM0BOsSA9Cdx3Ug==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
171 B 121ms
73ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 88e27757-dd67-408c-91b2-b04e5939facb
cf-ray: 6c4eadd4dcfa713c-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Tue, 28 Dec 2021 23:48:21 GMT
server: cloudflare
x-trace: 2BBE2E68AD81C351DFDEDADFC7FD14D3263F3D1161000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=55519&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=55519&source=js_tag

125 B
454 B

24ms
23ms

Script
text/javascript

52.6.52.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=55519&source=js_tag
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Server: 52.6.52.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-52-44.compute-1.amazonaws.com
Software: /
Resource Hash: f768823ecbfb0bc9a38984681b7a9a52254c52d50bdad0316812e870533a89d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=55519&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 53ms
24ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=7178915438eb0f50e4a871bceaa6bcfd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65352bf8841e0d3abd012542469e35861e67d5076992850e3708d7791d7bda0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3zLh+0XIGPIDfEBcVGWUsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 28 Dec 2022 22:23:49 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81985
x-fb-rlafr: 0
x-fb-debug: ieLzGdFeP5h7oPKjDLdL6b93BZekqYCbiQGQwNUmAqd8szfWqHcZxhqR5GWbiXJUC84sYzDEuD0IeLbWZdy7wA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cb60a6c75a8f57ef2f1581e6ae3e11bc
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 23:48:21 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "438396e553cf5c7302813b05f90cbee4"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.google.com/pagead/1p-user-list/CONVERSION_ID/ 42 B
108 B 89ms
40ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/CONVERSION_ID/?random=1640735301702&cv=9&fst=1640732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&async=1&fmt=3&is_vtc=1&random=1104744656&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/CONVERSION_ID/ 42 B
108 B 97ms
41ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/CONVERSION_ID/?random=1640735301702&cv=9&fst=1640732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&async=1&fmt=3&is_vtc=1&random=1104744656&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071859702/ 42 B
327 B 87ms
40ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071859702/?random=1640735301674&cv=9&fst=1640732400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&fmt=3&is_vtc=1&random=3488293265&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1071859702/ 42 B
548 B 96ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1071859702/?random=1640735301674&cv=9&fst=1640732400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&fmt=3&is_vtc=1&random=3488293265&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 7E92 319 KB
103 KB 30ms
29ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fblog.fraudfighter.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8197) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1653717
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Dec 2021 23:48:21 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/8197)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
1 KB 60ms
38ms Script
text/javascript 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98c7b48b806c0c4b059bdd8fca49716aac5f5701f3662fcee8316cb8d8c2b603

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 614
x-xss-protection: 1; mode=block
expires: Tue, 28 Dec 2021 23:48:21 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 344 KB
135 KB 72ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Origin: https://blog.fraudfighter.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137533
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 28 Dec 2022 19:04:20 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7E92 233 B
447 B 171ms
62ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8a992325c41823acb88551e982b80d6d9fa15dc2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fblog.fraudfighter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 8
date: Tue, 28 Dec 2021 23:48:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 23:48:22 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 086e287a7a9eee132cbbd5d5d5120bbe142822359ed5e1dd0b5a7db87e755fd6
content-length: 167

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_NgTofLDTBPNADhD8w

43 B
595 B

212ms
57ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_NgTofLDTBPNADhD8w

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 8
pragma: no-cache
last-modified: Tue, 28 Dec 2021 23:48:22 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b0cd0d22b5f0633a1efe21ab93d574c5ae36902dbec0460e51bfe2121511be73
x-transaction: 4f8ad42935013229
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_NgTofLDTBPNADhD8w
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1&verify=true

0
122 B

31ms
30ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1&verify=true

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_NgTofLDTBPNADhD8w&_origin=1&verify=true
date: Tue, 28 Dec 2021 23:48:22 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_NgTofLDTBPNADhD8w
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_NgTofLDTBPNADhD8w

43 B
61 B

47ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_NgTofLDTBPNADhD8w
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_NgTofLDTBPNADhD8w
date: Tue, 28 Dec 2021 23:48:22 GMT
via: 1.1 google
server: OXGW/17.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_NgTofLDTBPNADhD8w

42 B
767 B

135ms
25ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_NgTofLDTBPNADhD8w
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_NgTofLDTBPNADhD8w
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfTmdUb2ZMRFRCUE5BRGhEOHc
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

25ms
24ms

Image
image/gif

52.6.52.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Server: 52.6.52.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-52-44.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 89ms
40ms Image
image/gif 52.6.52.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=4362616&source=js_tag&a_id=55519
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.52.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-52-44.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=4362616
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4362616

43 B
1023 B

31ms
30ms

Image
image/gif

68.67.181.202
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4362616

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

HTTP/1.1

Server

68.67.181.202 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 23:48:22 GMT
X-Proxy-Origin: 37.120.205.147; 37.120.205.147; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 2c61c9a2-b848-470e-beec-d1a75233d608
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 23:48:22 GMT
X-Proxy-Origin: 37.120.205.147; 37.120.205.147; 555.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 388ca283-7a52-48f1-a26c-94c7e2f42ae3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4362616
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame C81A 40 KB
20 KB 83ms
51ms Document
text/html 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ibG9nLmZyYXVkZmlnaHRlci5jb206NDQz&hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=9n953v5cdue4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

68e65e6d4e65b7e8de6bbee06aae3dd54b154eb5ce180c46882e4169f77e9a28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCPNMFdgB4a9ZULFdJBuJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Dec 2021 23:48:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-lCPNMFdgB4a9ZULFdJBuJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20870
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
518 B 84ms
70ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=76574

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 3ded2934-c1e6-44f9-a07f-f72fc9f28d45
cf-ray: 6c4eadd649e94bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Tue, 28 Dec 2021 23:48:22 GMT
server: cloudflare
x-trace: 2B81966648A75705B566FEFB210D48BCB97EC7BDFC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame C81A 51 KB
24 KB 48ms
21ms Stylesheet
text/css 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ibG9nLmZyYXVkZmlnaHRlci5jb206NDQz&hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=9n953v5cdue4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 06:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 27 Dec 2022 06:38:14 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame C81A 344 KB
134 KB 48ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137533
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 28 Dec 2022 19:04:20 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C81A 2 KB
2 KB 25ms
24ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 17:24:45 GMT
x-content-type-options: nosniff
age: 455017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 30 Dec 2021 17:24:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C81A 15 KB
15 KB 83ms
40ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:59:51 GMT
x-content-type-options: nosniff
age: 28111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C81A 15 KB
15 KB 85ms
43ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 12:21:15 GMT
x-content-type-options: nosniff
age: 386827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 12:21:15 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame C81A 102 B
134 B 42ms
41ms Other
text/javascript 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bfc7f035838df33c0b927be3bc8d8a59d6f055658945c9a17eee1c0d09fb972

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ibG9nLmZyYXVkZmlnaHRlci5jb206NDQz&hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=inline&cb=9n953v5cdue4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 28 Dec 2021 23:48:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame BAF4 7 KB
1 KB 41ms
41ms Document
text/html 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ab4860adb8d837637cb31d19cea9e7f6b62e8ff6f6514d47eb18609429cf52b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JWlSvu6vmKEkBKOrKGbbOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Dec 2021 23:48:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-JWlSvu6vmKEkBKOrKGbbOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame BAF4 51 KB
24 KB 20ms
20ms Stylesheet
text/css 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 06:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24152
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 27 Dec 2022 06:38:14 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame BAF4 344 KB
134 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137533
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 28 Dec 2022 19:04:20 GMT

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
482 B 82ms
82ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 443d63d2-5246-455d-ba2a-9500b0af55cc
cf-ray: 6c4eadd8dca14bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Tue, 28 Dec 2021 23:48:22 GMT
server: cloudflare
x-trace: 2BC94C4EF4A5C623ABE90B77FD1CFC779C5236A1B9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
390 B 73ms
59ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2215b08b2c-e504-40fb-93fa-7f029ace9568%22%2C%22d3a99149-c77c-4d26-83f9-1e1c40171cff%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=76574&pi=42654121989&ct=blog-post&ccu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud&cpi=42654121989&cgi=442513759&lpi=42654121989&lvi=42654121989&lvc=en-us&r=https%3A%2F%2Fwww.fraudfightermail.net%2F&pu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&t=When%C2%A0do+we%C2%A0return+to%C2%A0the+bad-old-days+of%C2%A0normal%C2%A0fraud%3F&cts=1640735302527&vi=dcdb22a443331c21df84a184b99e24d8&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 62f9ac4c-7fe7-47fd-a26d-ce0c3e2716bf
cf-ray: 6c4eadd8fcbb4bb9-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqxBJCgGJP68tY9mYRD5oQ8xKjs7Ay1VEoufyty%2Bx1ty0aEhO5ML0uG1mzDYO%2BI78SfRYz81ipO5rMkvWuYdLHOJ3FLDcqtD5WAYsPY8NH9Dl3f%2F9pYBUcvOxLVuvsyj7yVwk5q6j8yZbpJJz2Jp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
593 B 70ms
57ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2299f422fc-e5f0-46af-9488-5b6bbe77a215%22%2C%22ffbeadba-68cf-4100-99f2-fbb7129cf2fb%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=76574&pi=42654121989&ct=blog-post&ccu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud&cpi=42654121989&cgi=442513759&lpi=42654121989&lvi=42654121989&lvc=en-us&r=https%3A%2F%2Fwww.fraudfightermail.net%2F&pu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&t=When%C2%A0do+we%C2%A0return+to%C2%A0the+bad-old-days+of%C2%A0normal%C2%A0fraud%3F&cts=1640735302528&vi=dcdb22a443331c21df84a184b99e24d8&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e4a35f73-13db-439c-86e6-6d875da0f477
cf-ray: 6c4eadd8fcb94bb9-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx4my1yr6rd0xmMo3Okx61TTArSsDvAEMXd5MhLigustvzrmFpbj7DxQT8qpXkQc1A2rmpSYB%2BBFp7lxn3occCWuLbUoC%2FbrUbgG10FJ4MVLFqT9xeYXyYRqkWre1T3QIqo%2FtNrDxHE9pmjDdR3l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
360 B 74ms
61ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=fb17fa63-182c-4212-bf52-d7126330389e&fci=73a567ff-9194-4af9-9c58-e457246a0e31&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=76574&pi=42654121989&ct=blog-post&ccu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud&cpi=42654121989&cgi=442513759&lpi=42654121989&lvi=42654121989&lvc=en-us&r=https%3A%2F%2Fwww.fraudfightermail.net%2F&pu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&t=When%C2%A0do+we%C2%A0return+to%C2%A0the+bad-old-days+of%C2%A0normal%C2%A0fraud%3F&cts=1640735302532&vi=dcdb22a443331c21df84a184b99e24d8&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e89f36b1-160c-422a-874e-85bde8a43bf3
cf-ray: 6c4eadd8fcb64bb9-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IPS%2F2swodb9ETl62XTpMeJTxKx741DW4Xk26H3%2FlfhapLMxWXco33aNn8pTs11jlMHl6Diwrxh%2B6cQ54wDBZLPttzdhWZvROTAJ8bJbdG7KCL%2BjS%2BkFRIdZG5C6E9iWCVXeVssIz0SDSB2rRUKt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
468 B 64ms
52ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=76574&pi=42654121989&ct=blog-post&ccu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud&cpi=42654121989&cgi=442513759&lpi=42654121989&lvi=42654121989&lvc=en-us&r=https%3A%2F%2Fwww.fraudfightermail.net%2F&pu=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&t=When%C2%A0do+we%C2%A0return+to%C2%A0the+bad-old-days+of%C2%A0normal%C2%A0fraud%3F&cts=1640735302533&vi=dcdb22a443331c21df84a184b99e24d8&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 272f01ac-6818-409a-b379-3c0849130245
cf-ray: 6c4eadd8fcba4bb9-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FpwC3AnVV%2FC6H8xL1QKxr9Uc7pPn1lTWNn%2BuKZBkxSfe%2B%2F7kFBMx1Uu7Vn%2BVl1ZXNXnn2ACRubZfhV6jEuzMLNuEgYpAbPLD7FbtqObQZRZTMMwDwtQYZF4MMjrL%2F5QB3g2wpKOaIG1WW2v%2FLsw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4043
date: Tue, 28 Dec 2021 22:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 00:40:59 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 68 B
949 B 101ms
64ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=76574

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a93b2897558da0e8da7aa3185dcef5d150330efb9326643ba8b1f09e91a5cd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8fc6b524-cd7d-4200-b8d6-87d25fef5cc7
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2BB3AADC4249D8B6A94F302D9C4FA1022DDA05ED65000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Fju7UVAsEfi4L0XqUZOlYVSGQe2bSKnY%2FIuOPsX46CerAxLf4Lv5TxUr0YE%2Fgdf5N3OgV305NrCHcvy%2BdlOXxWFogy1LrZYsGf9Jrvk1PT3xjTnmswM6nKR%2Bfo4z084BujEInsngUAwbQGz"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.fraudfighter.com
access-control-allow-credentials: false
cf-ray: 6c4eadd919107150-YUL
access-control-allow-headers: *

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 97ms
27ms XHR
text/plain 52.23.190.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.190.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-190-53.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 23:48:22 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame BAF4 36 KB
21 KB 67ms
66ms XHR
application/json 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64166471cb53acf1650fd76874750e5ba79fde6a4810f831a1c205d1d1a6cd95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21898
x-xss-protection: 1; mode=block
expires: Tue, 28 Dec 2021 23:48:22 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 104ms
60ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=76574&utk=dcdb22a443331c21df84a184b99e24d8&__hstc=184335545.dcdb22a443331c21df84a184b99e24d8.1640735302523.1640735302523.1640735302523.1&__hssc=184335545.1.1640735302523&referrer=https%3A%2F%2Fwww.fraudfightermail.net%2F&contentId=42654121989&currentUrl=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f5f7aff35d22945e0f6b82bd22d5d5e22dcaa1570006387fce950d40dd83f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 80315d5e-d96d-482b-86c4-a00b3bc41ea5
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3okuTbEXAOeMclYp9FBhsIWySBP0sI5hV6kUtVE7cWr5uSz0Xx6s3QK9AmZAhiI0%2FeQQ1lPRwtb4jklSekaqC0qkh%2BE8nSQWf%2FxBifj6mqVWu4Fx8HCkULU3bW53v1lW%2Fu%2BITHlegkyRd3q1W9u"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.fraudfighter.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6c4eadd97d324bbe-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 59ms
32ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1569128262&t=pageview&_s=1&dl=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&dr=https%3A%2F%2Fwww.fraudfightermail.net%2F&ul=en-us&de=UTF-8&dt=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=126422343&gjid=755928302&cid=230156695.1640735303&tid=UA-1253696-1&_gid=1936786067.1640735303&_r=1&_slc=1&z=1839895681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.fraudfighter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAF4 600 B
624 B 30ms
29ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:24:30 GMT
x-content-type-options: nosniff
age: 462232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 30 Dec 2021 15:24:30 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAF4 530 B
554 B 31ms
30ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 01:09:05 GMT
x-content-type-options: nosniff
age: 340757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 01 Jan 2022 01:09:05 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BAF4 665 B
689 B 32ms
32ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:25:16 GMT
x-content-type-options: nosniff
age: 285786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 01 Jan 2022 16:25:16 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAF4 15 KB
15 KB 34ms
33ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 15:59:51 GMT
x-content-type-options: nosniff
age: 28111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAF4 15 KB
15 KB 43ms
42ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 19:14:26 GMT
x-content-type-options: nosniff
age: 275636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 25 Dec 2022 19:14:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BAF4 15 KB
15 KB 34ms
33ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 12:21:15 GMT
x-content-type-options: nosniff
age: 386827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 12:21:15 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame BAF4 24 KB
24 KB 43ms
40ms Image
image/jpeg 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq27NgEKmjmHVz3tYVxreNUQCfYFqX4kwttx3ytKAp6W0TXRonVCgw06OcH5x0Qwg8r_imkqUhViVprxhgFrtHUxAL6adkq5mYmIONdUQHvS5-fAN7sPf0ECmpt6DBlau0A3f7pmPQEfwYXoygVvbW2ulE6uUyB9irVQUaGfgXAnnJAkxYgLH96mH3-m7dJMHdmmHENXBagPwKL6SCRhuyHtxaEqADw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

723f29828ad46537f76ddf5d895f5c61ac74981742cc120ff7601396afff780d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24911
x-xss-protection: 1; mode=block
expires: Tue, 28 Dec 2021 23:48:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 63ms
37ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071859702

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

628eb1b14960abe7c9d9c7cc3d4bac0477fdd6d254a4f09ba297231cda90d608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39600
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 23:48:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 63ms
38ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071859702&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-CONVERSION_ID

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

957028a313ea06e56e875528e01f31dc7998a9603e8c04c1d7187f40ab2e52d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39602
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 23:48:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 142ms
59ms XHR
text/plain 2607:f8b0:4023:1404::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1253696-1&cid=230156695.1640735303&jid=126422343&gjid=755928302&_gid=1936786067.1640735303&_u=IEBAAEAAAAAAAC~&z=476493422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Dec 2021 23:48:22 GMT
content-type: text/plain
access-control-allow-origin: https://blog.fraudfighter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 76ms
75ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071859702&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 23:48:22 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
35ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1253696-1&cid=230156695.1640735303&jid=126422343&_u=IEBAAEAAAAAAAC~&z=1681508778

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 68ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1253696-1&cid=230156695.1640735303&jid=126422343&_u=IEBAAEAAAAAAAC~&z=1681508778

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071859702/ 3 KB
1 KB 72ms
40ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071859702/?random=1640735302860&cv=9&fst=1640735302860&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff3be42dcaa4eab98c04ebbf66ae0c7cc070b2a15c8faa821c360662ee519b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1071859702/ 42 B
64 B 38ms
37ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071859702/?random=1640735302860&cv=9&fst=1640732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&async=1&fmt=3&is_vtc=1&random=3654357223&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1071859702/ 42 B
64 B 46ms
46ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1071859702/?random=1640735302860&cv=9&fst=1640732400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.fraudfighter.com%2Fwhen-do-we-return-to-the-bad-old-days-of-normal-fraud%3Fsid%3D1386007%26rID%3D30026110&ref=https%3A%2F%2Fwww.fraudfightermail.net%2F&tiba=When%C2%A0do%20we%C2%A0return%20to%C2%A0the%20bad-old-days%20of%C2%A0normal%C2%A0fraud%3F&async=1&fmt=3&is_vtc=1&random=3654357223&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:48:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 perf Show response
blog.fraudfighter.com/_hcms/ 2 B
449 B 71ms
71ms XHR
text/plain 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.fraudfighter.com/_hcms/perf
Requested by: Host: blog.fraudfighter.com
URL: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://blog.fraudfighter.com/when-do-we-return-to-the-bad-old-days-of-normal-fraud?sid=1386007&rID=30026110
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 6c4eadeb89fe7144-YUL
date: Tue, 28 Dec 2021 23:48:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: edf027e4-73ef-4602-b9b3-8a8a2a365e61
x-trace: 2B96EBA8293968BE665702F6E3B109C9E7F2D976C6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBDcYJrQbB8IlP1SYn1Z2GYZLBt9C9%2BPqq3rMkTeMlpbJh8e4Yzx6JhGFLam1AK8y1kdEcWdJ2RnclJQzA1FrOtxjAgHDczObh0bBeUtiwQfUar6G5pX2LKxHslCnU0%2FjTm2BC6gfJyml7vY7lCzBVaCDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:04:47	Name: _GRECAPTCHA Value: 09ABBMTcNRWJnhVP8AH2cVsJAYkuzZGvZsTkjiv5Qx-HTyFLEFLe_bNOFxelkJ87HSdwI435Tn8G2JSMaQurm3He4
www.fraudfightermail.net/	1969-12-31 23:59:59	Name: ASPSESSIONIDAURSADST Value: LILMHDBBLMFNJLJJHGDOOPMD
.blog.fraudfighter.com/	1969-12-31 23:59:59	Name: __cfruid Value: 6ad37a28539e76b784934fc90c48e815af2522d2-1640735301
blog.fraudfighter.com/	1970-01-23 07:27:50	Name: lfuuid Value: 55cece7d-29c2-40ea-9237-177628557ff4-c198388-sw1600-sh1200-ms1640735301424-r8852761
.fraudfighter.com/	1970-01-20 01:55:11	Name: _gcl_au Value: 1.1.6971066.1640735302
.hubspot.com/	1970-01-19 23:45:37	Name: __cf_bm Value: 3TmiLrB0PQ3XGludLbwMcrfefNqfYKVmcrKV9sXz9J4-1640735301-0-AYn5rsdp2ql09pT5YpNJ/YnrYxbIli0wBkXlHe8iehEocgzWrdbTl8oxdnjcmojNW3D9a0Nw6J1b4HmbakUflJg=
.prfct.co/	1970-01-20 17:16:47	Name: pa_uid Value: pa_NgTofLDTBPNADhD8w
.prfct.co/	1970-01-20 17:16:47	Name: pa_twitter_ts Value: 1640735302017
.prfct.co/	1970-01-20 17:16:47	Name: pa_yahoo_ts Value: 1640735302045
.adnxs.com/	1970-01-20 01:55:11	Name: uuid2 Value: 2975481957293199305
.prfct.co/	1970-01-20 17:16:47	Name: pa_openx_ts Value: 1640735302060
.prfct.co/	1970-01-20 17:16:47	Name: pa_rubicon_ts Value: 1640735302063
.prfct.co/	1970-01-20 17:16:47	Name: pa_google_ts Value: 1640735302065
.adnxs.com/	1970-01-20 01:55:11	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HbZL%=f_!1yIE'Yg-$0y=/d!!')N$RTog
.openx.net/	1970-01-20 08:31:11	Name: i Value: 86ca9168-cc76-4a7e-9f0e-e945a7b6e74c\|1640735302
.yahoo.com/	1970-01-20 08:31:32	Name: A3 Value: d=AQABBEaiy2ECENDvTdTe2h7eVaPLk2jFCw0FEgEBAQHzzGHVYQAAAAAA_eMAAA&S=AQAAAkkz2Hv1t1Y6p3PfTDWvBaI
.doubleclick.net/	1970-01-20 17:16:47	Name: IDE Value: AHWqTUlxGUJWpoKICe6IrT20jBlwwGtyQm1xvke8B_HYkwXbetDiqI1o9cK-jYRDF2s
.analytics.yahoo.com/	1970-01-20 08:32:37	Name: IDSYNC Value: 18z4~22cn
.rubiconproject.com/	1970-01-20 08:31:11	Name: khaos Value: KXQRFPKO-1W-DC69
.rubiconproject.com/	1970-01-20 08:31:11	Name: audit Value: 1\|prm1NUjbGVVuPDjkLMeodTiaDMvR64WJejGf+ayHfR+B+d55h43RBk/h++4h2ovjOOFyA/wHHLSM1KxoLazIt7wcSxV5yjQqXQ4+q/PRwAvsuzotweO7hvk/LODV/VhdmjpQyQe1dTELx4hP65HrygUP/Kq3Et3BR9e56vpx9sjQD5U7tEfUTQ==
.twitter.com/	1970-01-20 17:16:47	Name: personalization_id Value: "v1_a3dQhrhXQch35CqCuaKBEA=="
.fraudfighter.com/	1970-01-20 09:07:11	Name: __hstc Value: 184335545.dcdb22a443331c21df84a184b99e24d8.1640735302523.1640735302523.1640735302523.1
.fraudfighter.com/	1970-01-20 09:07:11	Name: hubspotutk Value: dcdb22a443331c21df84a184b99e24d8
.fraudfighter.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraudfighter.com/	1970-01-19 23:45:37	Name: __hssc Value: 184335545.1.1640735302523
.fraudfighter.com/	1970-01-20 17:16:47	Name: _ga Value: GA1.2.230156695.1640735303
.fraudfighter.com/	1970-01-19 23:47:01	Name: _gid Value: GA1.2.1936786067.1640735303
.fraudfighter.com/	1970-01-19 23:45:35	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api-na1.hubapi.com
api.hubapi.com
app.hubspot.com
avatars.hubspot.net
blog.fraudfighter.com
cm.g.doubleclick.net
connect.facebook.net
cta-service-cms2.hubspot.com
f.hubspotusercontent20.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
no-cache.hubspot.com
perf.hsforms.com
pipedream.wistia.com
pixel-geo.prfct.co
pixel.rubiconproject.com
platform.linkedin.com
platform.twitter.com
secure.adnxs.com
secure.hall3hook.com
software.clickback.com
stats.g.doubleclick.net
syndication.twitter.com
tag.marinsm.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
www.fraudfightermail.net
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.244.42.131
104.244.42.200
142.250.65.226
142.250.80.66
148.59.128.120
148.59.128.71
151.101.0.65
2606:2800:21f:edfc:49f9:c096:a5a7:75f2
2606:2800:220:de:468:2285:c1:4a3
2606:2c40::c73c:6702
2606:4700::6810:5905
2606:4700::6810:ba72
2606:4700::6811:47b0
2606:4700::6811:74b0
2606:4700::6811:c9cc
2606:4700::6811:cccc
2606:4700::6811:eacc
2606:4700::6811:f1cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2607:f8b0:4006:807::2004
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2003
2607:f8b0:4023:1404::9c
2a03:2880:f012:8:face:b00c:0:1
2a04:4e42:400::622
34.98.64.218
40.78.102.238
52.23.190.53
52.45.33.138
52.6.52.44
68.67.181.202
8.43.72.98
043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd
05047e12878d3add3236728f725f460b973c54616a9cf391273d01791d06a9f7
061dd1f8e2ad66edce1af343fd19163b17ea1e34e213e8b9fd90e838ce8eff93
0e2f67cb6a0819ac8b9d05f033405404db6b375e2b0c41415732cd70cd6c73c5
13345c70af090d27a3e860deaf5c4b4dbbdcc04282dccbc1a35ff92836414a5a
139ef45414de3cfdd6f9f835e1c6c823e272077d681e1f7002ad2337adfe763e
17afb78bd2b73c4010b358da89f5403625ac707dfcbc8f8e4e27b9a3bb51197a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9c25dd851a7543634a1f2e9f83f69584b118d0851bebca621314db90560a26
1de48ca333e7ed7ea263055100dad7bb8ced7fe44d59831ccd49fe8b7155d0b6
210492ea6311d6d2000507d5a4d4847c45033aa269e2fe7fae4e9cbd21502ccf
2668945b573de2e6a14c00d217a90591eb0a0a4d3508b9bb32183a934c219a98
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
35717662476b8860cad0880b7a1da6a0c0f3fbfb619935cb9924838eac75b4c7
38209245677af32c14c5afb4c241af38bf349b75150f1afca8230f2757e82b2e
3c3b64c4dbde7483c980b04b7fa19d1c12b44fefb261af65cb07ae437fe6cc0e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40a6a129b104c170217739cda797cc6a9aa0e21a19a0de30e6645cb8784490bf
43d4aed1e04888d50cdc4b5c5950a9821927de85bf03262c5b8c937756d08c58
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4ab4860adb8d837637cb31d19cea9e7f6b62e8ff6f6514d47eb18609429cf52b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53314e26abc9c20c032c5b9f9346b7c6dabb9f93eea7ef64610dac7362df2958
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd
5e62e9d66b785bac35a0a6269c2ce4f0fe0c926344b6df9da5b38a949bd0fe5c
624c52b109cc96f687bda4995a863ad9e97cde51e7f18b6eb0d04b8be6db2a5e
628eb1b14960abe7c9d9c7cc3d4bac0477fdd6d254a4f09ba297231cda90d608
64166471cb53acf1650fd76874750e5ba79fde6a4810f831a1c205d1d1a6cd95
65352bf8841e0d3abd012542469e35861e67d5076992850e3708d7791d7bda0b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68e65e6d4e65b7e8de6bbee06aae3dd54b154eb5ce180c46882e4169f77e9a28
6986db0e9b9884574d7ef57c2d4e27b2df248fc81f1ef5e4133af1160f9925c3
6aca30318a958c8e4682ad5be497e3169863683b6b8d3491520447aa9ccb73b2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfc7f035838df33c0b927be3bc8d8a59d6f055658945c9a17eee1c0d09fb972
7190acb07092f880526b33b21717f8516019973e6bb1d615c1e026f1c5a4a7e1
723f29828ad46537f76ddf5d895f5c61ac74981742cc120ff7601396afff780d
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
78f5f7aff35d22945e0f6b82bd22d5d5e22dcaa1570006387fce950d40dd83f6
7a6a362fdda222c7db89716a43b8399aa49fb578c2c4fef6331c661c1bddaf25
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96
827632f426e0c0290d86b5d5879957643ea945f72644b7924f2c7d4476dd3ce9
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
947c2f6f0e6762a16392002d723036a25aa88655e807b3c519c8fb21deeda917
957028a313ea06e56e875528e01f31dc7998a9603e8c04c1d7187f40ab2e52d0
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
98c7b48b806c0c4b059bdd8fca49716aac5f5701f3662fcee8316cb8d8c2b603
98d9da36eb33d8171372b4bd51d5e6e0c018ae3eddb24dd2b23fae44aae01e4f
9e7cea768f47ae3a1746cbb1030d5e773dd5b38892c49b1dd88e9656e0bd4018
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6340ccf31c4c390375a5d8cfba87d219e27e19752579534c9e8314740b4e20a
a93b2897558da0e8da7aa3185dcef5d150330efb9326643ba8b1f09e91a5cd77
a9f594df637738a058ba8762605b5e41af3442363df95d698fc50f9e31badc13
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada879c9222b241c6198d57c379198d8fdec997caa292dcc520f9fa24295611f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bb818836a70f7da289ce43e670611da138b71cb3fffedec4297b103ef85d10e9
c1219785374752ce40e9954f8ce61716228769d7679ebecd7a82d77c272b7464
c2f9fedbd4a344bf422418eaa6a8e6a4e5081875a09837ef99d437563aaa8964
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca56287bb2c937e0df8bc761a1b5b2b1d90184eefb3e0e90283beb0fe6f80b9f
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cf192d230a1cbfc9b5a4f59aa5a15f18e450792043cfc3820ce395152e92b155
d04a65134e3bb4f9e8f5b6f4f9b052a24c114e42aebce2216f7d8d65b8c93637
d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124
dadcb61725f4f875aee4816ce3eafd8d1b544a5350796e5e875e62ae9cdf6172
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc123b8c2478f39918c42e034a51ad1097e2ecab81ab64ae7d684dd71f1128ca
de40f8e9a13821460fad3250442ee45458a1073661d67758f325b3a354995dd3
e3a8b7336bec502f846c8101cd4b1a751bdbf3d3fff3949949462517f27e1cec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3febd11da2d083ff7ff6a7732c83bc5d2a747a09ef72fcb4fb744eb01ae5e84
ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0122e600a543be699b6cdcefcdb81288a9f206b79592a7b61191abbc5b653d9
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f3d6e7c84e2afedeb10818be1ba71a1b8d73b5d0046c3a44047865ae65f35f89
f44a0999dce72299487d3cb56bdfbb90e3f82dd9e501d37a82deec19b482d8ad
f5fe1c575ed4c8cb5dc3c1fe6118010fc15f07a84ce9d1a7fc3b469299984bee
f768823ecbfb0bc9a38984681b7a9a52254c52d50bdad0316812e870533a89d2
f78b58df5ef0e99f170c595a2356eca920adba3a904963d4b1642be7aa3c9cca
ff3be42dcaa4eab98c04ebbf66ae0c7cc070b2a15c8faa821c360662ee519b9d

blog.fraudfighter.com Open in urlscan Pro 2606:2c40::c73c:6702 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

92 %HTTPS

65 %IPv6

31 Domains

43 Subdomains

39 IPs

2 Countries

2193 kBTransfer

5581 kBSize

28 Cookies

82 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

blog.fraudfighter.com Open in urlscan Pro
2606:2c40::c73c:6702 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

92 %
HTTPS

65 %
IPv6

31
Domains

43
Subdomains

39
IPs

2
Countries

2193 kB
Transfer

5581 kB
Size

28
Cookies

124 HTTP transactions
0 data transactions