urlscan.io logo urlscan.io
SecurityTrails logo

digroup-us.com Open in urlscan Pro
2a06:98c1:3120::c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aplr.ink/r?i=diligenceinternational&r=abrqre5tlzvk6mrrw4agayypvikrsnuognc2jiyvmv3g63dwnfxgollmnftgkljsgyw...
Effective URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-...
Submission: On August 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 51 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is digroup-us.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2021. Valid for: a year.
This is the only time digroup-us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.134.45.95 16509 (AMAZON-02)
18 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.4 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 23.36.162.17 20940 (AKAMAI-ASN1)
1 52.222.214.103 16509 (AMAZON-02)
3 52.48.225.22 16509 (AMAZON-02)
1 54.194.210.249 16509 (AMAZON-02)
1 1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 76.223.116.242 16509 (AMAZON-02)
5 23.36.162.71 20940 (AKAMAI-ASN1)
51 16
1    3.134.45.95 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-45-95.us-east-2.compute.amazonaws.com
aplr.ink
18    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
digroup-us.com
3    2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.66.122.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-4.fra60.r.cloudfront.net
cdn.leadinfo.net
2    2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
4    23.36.162.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-17.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
1    52.222.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-103.fra56.r.cloudfront.net
scripts.iconnode.com
3    52.48.225.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-225-22.eu-west-1.compute.amazonaws.com
collector.leadinfo.net
1    54.194.210.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-210-249.eu-west-1.compute.amazonaws.com
api.leadinfo.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    76.223.116.242 (United States)

ASN16509 (AMAZON-02, US)
PTR: a171616d2c13795e3.awsglobalaccelerator.com
process.iconnode.com
5    23.36.162.71 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-71.deploy.static.akamaitechnologies.com
api.livechatinc.com
secure.livechatinc.com
accounts.livechatinc.com
Apex Domain
Subdomains		 Transfer
18 digroup-us.com
digroup-us.com
2 MB
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 6160
api.livechatinc.com — Cisco Umbrella Rank: 5068
secure.livechatinc.com — Cisco Umbrella Rank: 6275
accounts.livechatinc.com — Cisco Umbrella Rank: 7250
310 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
71 KB
4 leadinfo.net
cdn.leadinfo.net — Cisco Umbrella Rank: 95846
collector.leadinfo.net — Cisco Umbrella Rank: 77894
49 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 iconnode.com
scripts.iconnode.com — Cisco Umbrella Rank: 34613
process.iconnode.com — Cisco Umbrella Rank: 38505
8 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7701
prism.app-us1.com — Cisco Umbrella Rank: 7844
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6487
565 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 132
504 B
1 leadinfo.com
api.leadinfo.com — Cisco Umbrella Rank: 96462
278 B
1 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 5447
351 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
40 KB
1 aplr.ink
aplr.ink
448 B
51 14
Domain Requested by
18 digroup-us.com digroup-us.com
5 fonts.gstatic.com fonts.googleapis.com
4 cdn.livechatinc.com digroup-us.com
secure.livechatinc.com
3 api.livechatinc.com cdn.livechatinc.com
3 collector.leadinfo.net cdn.leadinfo.net
3 fonts.googleapis.com digroup-us.com
secure.livechatinc.com
cdn.livechatinc.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.google-analytics.com digroup-us.com
www.google-analytics.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 process.iconnode.com scripts.iconnode.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 www.google.de digroup-us.com
1 www.googleadservices.com 1 redirects
1 api.leadinfo.com cdn.leadinfo.net
1 scripts.iconnode.com www.googletagmanager.com
1 diffuser-cdn.app-us1.com digroup-us.com
1 cdn.leadinfo.net digroup-us.com
1 hello.myfonts.net digroup-us.com
1 www.googletagmanager.com digroup-us.com
1 aplr.ink 1 redirects
51 21

This site contains links to these domains. Also see Links.

Domain
learning.digroup-us.com
digroup-us.viewcases.com
twitter.com
www.linkedin.com
www.instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-02 -
2022-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn.leadinfo.net
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
livechat.com
DigiCert ECC Secure Server CA		 2022-02-25 -
2023-03-01		 a year crt.sh
*.iconnode.com
Amazon		 2022-07-24 -
2023-08-22		 a year crt.sh
collector.leadinfo.net
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
api.leadinfo.com
Amazon		 2022-07-25 -
2023-08-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Frame ID: ED1119DE237E3ACB4107C9608CACBDA8
Requests: 41 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 8C996212A8237DE6D4251ED2A95D2F75
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Frame ID: DD90EC008A71B16CDB71EF0ECD269CD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Evolving Life & Health Fraud Schemes | Diligence Group

Page URL History Show full URLs

  1. https://aplr.ink/r?i=diligenceinternational&r=abrqre5tlzvk6mrrw4agayypvikrsnuognc2jiyvmv3g63d... HTTP 302
    https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&ut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

51
Requests

98 %
HTTPS

50 %
IPv6

14
Domains

21
Subdomains

16
IPs

3
Countries

2309 kB
Transfer

4094 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aplr.ink/r?i=diligenceinternational&r=abrqre5tlzvk6mrrw4agayypvikrsnuognc2jiyvmv3g63dwnfxgollmnftgkljsgywwqzlbnqywi2lhojxxk4bnovzs4y3pnuxwe3dpm4xwk5tpnr3gs3thfvwgsztffvqw4zbnnbswc3dunawwm4tbovsc243dnbsw2zi HTTP 302
    https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.googleadservices.com/pagead/conversion/10903976733/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request evolving-life-and-health-fraud-scheme
digroup-us.com/blog/
Redirect Chain
  • https://aplr.ink/r?i=diligenceinternational&r=abrqre5tlzvk6mrrw4agayypvikrsnuognc2jiyvmv3g63dwnfxgollmnftgkljsgywwqzlbnqywi2lhojxxk4bnovzs4y3pnuxwe3dpm4xwk5tpnr3gs3thfvwgsztffvqw4zbnnbswc3dunawwm4t...
  • https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
53 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8fca0c9be804fcf0d25bb42dca33266913abb81fed8e709993ded4b0a57c6b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
7437ec2eba9bbb14-MXP
content-encoding
br
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 18:45:21 GMT
expires
Wed, 31 Aug 2022 18:45:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vm52t8qQqiXanzjC9zTPRjSxw%2FCsy%2FpKoTKIu%2FI4YRz77EaaqhB%2BlBRtITGwqjEZm0baXrUOrWKKi7WtpQyWeIyfbZomdtcA%2BHshvHxWUU3sPHqUolQVDWitmpc1WdupcS%2Br7bxGkOFTA07nTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
allow
GET, POST, PUT, DELETE, OPTIONS
cache-control
no-cache, must-revalidate
content-length
0
content-type
application/json
date
Wed, 31 Aug 2022 18:45:19 GMT
expires
0
location
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-version
master-2208250138-3084-35c086c
css
fonts.googleapis.com/ 		3 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 18:38:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 18:45:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 18:45:21 GMT
vendor.css
digroup-us.com/themes/diligence/assets/ 		165 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf0b26d49b8a4d70aba4fd6e03f060baa8e6b4d8bba960c9116d1cb4e5649b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jul 2019 21:28:37 GMT
server
cloudflare
etag
W/"5d250705-293f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4%2F9OeLNNxRJHcMD%2FVnB4ckVB8JkcDFwcsrbFmRvc1OsracqV8EhC1t0QVFHFArwVgAtwe533Ht1MOjtPcjxFeLeC2JZwSc2LugWHuD4GAueC8kEoCWWNERLLgIc7DfH6WDWqo1ikXPj9HQ3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec37097fbb14-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Aug 2023 17:49:25 GMT
theme.css
digroup-us.com/themes/diligence/assets/ 		222 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbe1cb3ac7b6f8fe25aeae0f454cc9b1f5e0c6ed8b69bad55830b3b01ed5750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2019 23:09:20 GMT
server
cloudflare
etag
W/"5d6709a0-3790f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqkrhfZxLjJP3cRhLSkyCqVOwMpQOF7glo7O7G1KjOglS4yrS5NdSiOMcTNd%2ByoOZQi5iPRbEAzobmkIUu4EY41we6WihnWWlNW%2B%2FHKd73V2tL2LWHF2G5ReiBCqfHlktifo3AScumVjF%2BxInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec370983bb14-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Aug 2023 17:49:25 GMT
logo.png
digroup-us.com/themes/diligence/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/themes/diligence/assets/images/logo.png
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93d4c205895b74243758d7b13a01c37436c27af412b744f5f5c77830b04cce
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
2374
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 17:38:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5cf94f96-946"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfsb3RvggZhmWCSm19aPEX9W0zWuIIHaFM0RcMikwHR4FDaX5F3eD3LZcRH1sGYjLHneou2qiolxIsQiCcDFAYruFjhO210uX%2FFnCFJmpDZAsrpFV3mg79iAjjrPt2qluYucUjV%2FdRq7UtRucg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec396f5d3755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
logo-small.png
digroup-us.com/themes/diligence/assets/images/ 		658 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/themes/diligence/assets/images/logo-small.png
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de605aca2044d6643ec4ea23d11c1e20688b965538f5d5d4620bcbded9ec5fc
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
658
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jun 2019 23:34:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5d115dfb-292"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoUvG2WsjrKlLpLal4WBC17LqauaMCJJWh7RS3j8NYuBR90Pz9g9Om8CxPiMOvxCZF3fzhQR8UcEvcSX4tI%2BbLrrjUM6%2FkPlBmSdbMdyVXugCa5q%2BdiT2RnvqX7cQ94bdHG5apBNEOvq3FwS6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec396f5e3755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
63074c4222b89
digroup-us.com/asset/ 		22 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/asset/63074c4222b89?w=370&h=270&fit=max
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5f984220858da3d60a08c332bfeacc23e3d1c8ce08db55a008cbbbd6881055c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22837
x-xss-protection
1; mode=block
last-modified
Thu, 25 Aug 2022 10:28:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmeWjAMAC1vVRQsda2HxywA2wOJ4p%2BOtZ0KaS%2Fg4dhrVM1d%2BLXd0Ww3r9jkLE1JsfQD2ZljEgCH%2BMfT6gHlrsFNAoK2Gvh%2F7HGtxGlLE70G6MKNyInNrQ0C3xQ2zWjMYMW8jZndSDojgRsdo2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
cf-ray
7437ec396f623755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
62e8df542722f
digroup-us.com/asset/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/asset/62e8df542722f
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a4d44981b6c00d7d63ab1b908ec941754d2e88637594f33168800be3ff8a2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1250285
x-xss-protection
1; mode=block
last-modified
Thu, 25 Aug 2022 10:28:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oC2O0JSFovLehNm0TBQuhUU%2BAicrFnGuI4dlOEDBUC8B05H3v4mP2DxOKwmFmbhz5xX5fDN422jiq4tWDhKS9tEcXfz5l7VItGLluR3AcWyfE2DL4AwJF6al1Y0bJUHHuVF8xLPovl7ykX1KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
cf-ray
7437ec396f643755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
blog_bg_image.png
digroup-us.com/themes/diligence/assets/images/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/themes/diligence/assets/images/blog_bg_image.png
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce15fe4fbbe3bec2179a5e3b758169751de4fdd93c6b4953d370f3b570aef4a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
34982
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jun 2019 23:34:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5d115dfb-88a6"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF8Pqm7N1SnaKR07s3RVjx0mLpOzRBWvu011vraHUD9p4hQh%2FNCnNgP2JVib2pEfctx6I60Pw0BMzpd2krVJIIRaa2mMAztZGV8EOAEkIKDUR5HmZwGkZjxIydPKBdnNGVPUX6Edajv7oOkI%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec396f653755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
email-decode.min.js
digroup-us.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Aug 2022 16:13:01 GMT
server
cloudflare
etag
W/"6308f10d-4d7"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJBWKEs0mkTQz8KaxA%2F1XsvLtsLkzmzcKdIKNgi3HC42ywEAnhJgjUx3X9Zm4%2FSgfwO78nvl0uXIkBZGVBxxfNlSPC551ef09Bv%2Fs4YxsKwVjhwNGCGvdU3MxOebuhoIywXWa0VmbYQ87QUpjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec389d6f3755-MXP
vary
Accept-Encoding
expires
Fri, 02 Sep 2022 18:45:21 GMT
manifest.js
digroup-us.com/themes/diligence/assets/ 		799 B
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/manifest.js?id=40dcfff9d09d402daf38
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Jun 2019 23:34:19 GMT
server
cloudflare
etag
W/"5d115dfb-31f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eiJUq9FvhHt3EdrXH5jWL4eL8aUGbB4OchQjDw0RK1aJTc7VMtprgBt0zCCChtP%2BU%2B6%2BLzr%2F0Qez0xJG1zkn3VyRjyPE67hH60DxU7nJ0Pxw1bfBlBL4CIqbJFILjJlqfsevP0oXBuYeen%2FUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec38bdab3755-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 20 Aug 2023 11:52:34 GMT
vendor.js
digroup-us.com/themes/diligence/assets/ 		433 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/vendor.js?id=387ba3d920f7bc5771ff
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2e780d1bd0e711fecd63b9def64e3032c5c99808124943b8203fd2019ea5e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Jun 2019 23:34:19 GMT
server
cloudflare
etag
W/"5d115dfb-6c234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkUYmFUiIvZ1IKLeECv1SnSNAC6kQdm73kcdxTpEjODZQIrjk1XFS3F543rJciIhMNwxrQfEzwihi8SGu%2FoupLPzMtPZ2AwL6xbaUgU7LuxzPg7pvBPxB8WzFxtg2atU5EWq7u1JNdfGfaWc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec396f583755-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 28 Aug 2023 12:32:59 GMT
theme.js
digroup-us.com/themes/diligence/assets/ 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/theme.js?id=300a659036f53a9c16b3
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4cc6b2ad7a300799af5fce4820f3850d759e390de47c495f7cf486efcaa733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2019 22:10:11 GMT
server
cloudflare
etag
W/"5d6458c3-1db08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzPcetDmjtcz6%2B6RHXEKDbknTpF%2Bv9dTnRg82qWYAgtZnKrHsf4bPqyx6RlvywGbHGjiO8UmmQJEmPSxhvOD0oen43PcR7nK2uDiVEGk7laFTZ94cbyhGDN9LGapm6jUHgZEOHeF1lgGG1IBxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7437ec396f593755-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Aug 2023 17:49:25 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZZZNKM
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb2ddbe6093297ebe3186f498724f3441d798a53a9a742cd2b40df26df030c30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40584
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 18:45:21 GMT
38e420
hello.myfonts.net/count/ 		0
351 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/38e420
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7437ec391ed223af-ZRH
content-length
0
expires
Thu, 31 Aug 2023 18:45:21 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6201
date
Wed, 31 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 31 Aug 2022 19:02:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:25:01 GMT
x-content-type-options
nosniff
age
602420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:25:01 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:25:00 GMT
x-content-type-options
nosniff
age
602421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:25:00 GMT
fa-light-300.woff2
digroup-us.com/themes/diligence/assets/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/fonts/fa-light-300.woff2?25ea1f58b39fcf5a5caa3e67d54ea1d3
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c5812dd025af3149b80ecb972803b280476bebb5e9f02416e6f007a04de8b4
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
66880
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 17:38:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5cf94f96-10540"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QygkgCJYtLsmfGu%2B%2Bxwevvfacjpiy3EqSBQhKiEqRip%2BG4wO%2ByF9TCmiSrF9E8e8OLZBgBlli6mQzpWnIZqnhhHMXNNZDURft9qZk9oy%2FgspfZfjGpPdHSMqM8VOKWUVD7q5eVQ1QPh4FISDVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec397f733755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
38E420_0_0.woff2
digroup-us.com/themes/diligence/assets/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/fonts/38E420_0_0.woff2?18d38c773ed991d782f16dea72b51457
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1989756a501b1a912531d94f0679ce9b57d18886a86ab7861e63c02990cca57b
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
26246
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jun 2019 23:34:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5d115dfb-6686"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wed24Z6rYgmE1WoOUM7N86RWBhVqHm7U1MqCRTitZU1W6GfEap0YMpqyOmfq977JJNmdmkHcxsOgujjYk%2BooZsSl2X9VGzQ9TkgIKATR7Nxi5OO6tt%2BU44vZ4ezPtlowkTy8bFwjFDppz1C4wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec399fb23755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:25:01 GMT
x-content-type-options
nosniff
age
602420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:25:01 GMT
blog_pattern_bg.png
digroup-us.com/themes/diligence/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digroup-us.com/themes/diligence/assets/images/blog_pattern_bg.png?08f9734d1a644f7563d95b1f9e7b4571
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17421de2f8205ae6085bef6304d5753aa670531ee4c2730d4dd62b60c4aa74e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/themes/diligence/assets/theme.css?id=7b1e9170cca1b5f393cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
4542
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2019 22:26:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5d154278-11be"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w27In9lQVYqih0rD35x8EW0cgbBe4vfB%2BplK1L6Qv%2FRgqx9IL71%2BGbC6u9q10LWL0m5AIyicfW35g7Y0O%2BNCLbRTRxcQO6evPxBl326A32Z%2B3Bhaxs%2B9O1GbHvXjIYTdXJu%2FrA%2B3LxQg%2BksEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec39bfd83755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
fa-solid-900.woff2
digroup-us.com/themes/diligence/assets/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/fonts/fa-solid-900.woff2?5229fc2de01ebaf2f66ea0906d99934d
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556213d68f2f3386a34135c07ea432d252682ac7deecc5eb9c9c23a194e83415
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
53592
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 17:38:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5cf94f96-d158"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PbVb57ExWxYPp9BpZl6TXqGrbA1%2BLMz5zg%2BNveJ5p0qhn6%2B9gdsTwfJtoIItlK3vQJ1dZLXiGzq19O9LJL%2B%2BjCW7bdvveMgabHo8M%2BAibGH8HN105bkgp9OoK%2FNm1FNnOF4DwNOYRcCTNRIIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec39bfdc3755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
fa-brands-400.woff2
digroup-us.com/themes/diligence/assets/fonts/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/fonts/fa-brands-400.woff2?65b96d56a9e1826650fb28b8aa806f26
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a840cbc1851e412ca570bde62526c4cbecde684da1c79e9ef8debd83ab15869
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
54480
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 17:38:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5cf94f96-d4d0"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBAfHTdIQjMCCL%2BsCLwtihFBFh4NREM%2FSwB8UKI%2BZbJGtJqIRdMKHjSZrvl%2F%2BYjSGhwUaWCiAfrwChuQms6%2BHF4IMW3d1WMpOCUtUN40XqQQzFwHH%2FbzkVD1QXsWUr1Fos60WzPXuz7Vv5CwOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec39bfe13755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
fa-regular-400.woff2
digroup-us.com/themes/diligence/assets/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://digroup-us.com/themes/diligence/assets/fonts/fa-regular-400.woff2?1b8460876060f25c32aea45299537695
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9d60dfa847591e27ebc1b76f6ed87529dbc57382055b8a170cff951013a5fa
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://digroup-us.com/themes/diligence/assets/vendor.css?id=d40207d70221f8b7dda6
Origin
https://digroup-us.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
content-length
63588
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2019 17:38:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5cf94f96-f864"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l75yj0H779q57V8KAgEMfuuKsfCXxj8BhBVjI4NVHNMj1Nqy9LT9Ne%2FWTc%2BZwUbgUCXeFBgBcQU2aQr499yFgvtovKYLKn3CDFPXw16VJgaghZ4Qd02G2mRhb0kcnHgIcxaMyv0NbN2XW0JGRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2592000
content-security-policy
default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
accept-ranges
bytes
cf-ray
7437ec39bfe33755-MXP
expires
Fri, 30 Sep 2022 18:45:21 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=349994000&t=pageview&_s=1&dl=https%3A%2F%2Fdigroup-us.com%2Fblog%2Fevolving-life-and-health-fraud-scheme%3Fapcid%3D00630893b35e6aaf3231b700%26utm_campaign%3Devolving-life-26-heal%26utm_content%3D%26utm_medium%3Demail%26utm_source%3Dortto&ul=en-us&de=UTF-8&dt=Evolving%20Life%20%26%20Health%20Fraud%20Schemes%20%7C%20Diligence%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=767463972&gjid=927907868&cid=963957234.1661971522&tid=UA-154498994-1&_gid=637241579.1661971522&_r=1&_slc=1&z=1665789330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://digroup-us.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://digroup-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
www.gstatic.com/wcm/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZZZNKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 31 Aug 2022 19:15:21 GMT
ping.js
cdn.leadinfo.net/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.leadinfo.net/ping.js
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
310cce7731d3b3ca1495c6c4be67b9f0dfd8e76fe702891795d15cf9a480ec3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 10:11:56 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 10:11:50 GMT
server
AmazonS3
age
203606
etag
W/"e9d23815b541934c4bf60ebcb7c4c581"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
1nxpdTzCyJ_sIAuIDK5m_GlZE_sh9FQV
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cache-control
private, max-age=900
x-amz-cf-pop
FRA60-P2
content-type
application/javascript
x-amz-cf-id
2ZwqFD0BRCmdEiYCWmDXdfuV0w3M0LZo2LXLKyybJswTojXG9jr1UQ==
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
19
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 21 Oct 2021 17:42:06 GMT
server
cloudflare
etag
W/"4d482a43613d3966f353ec9d97452e0c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
TXL50-P1
cf-ray
7437ec3a8c9b0208-ZRH
x-amz-cf-id
Lcg6TJ_UqGRQkdT_N_-ulNBZlJ4_008XKOtagiafajTlppIIND9hnQ==
tracking.js
cdn.livechatinc.com/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
aaa4f2ba531431216c858c5a6f3cd1025e27b4a1fe6c28a69dff28bd0c48daa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
Egqmf1pgeyDlcCg5BbgUwW.yVQDQ30QB
content-encoding
br
last-modified
Wed, 31 Aug 2022 10:16:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"6a4fa4403464477a31b3b06855e18d08"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Wed, 31 Aug 2022 18:45:21 GMT
content-length
25730
x-amz-cf-id
l34s2_ZZQqPx7ULCQ9qrLQo7QQOUXo_Jilo9cOD6cyOeoWpN0YgSow==
expires
Thu, 01 Sep 2022 02:45:21 GMT
94186.js
scripts.iconnode.com/ 		45 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.iconnode.com/94186.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZZZNKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
776c0c5a94e82c3d20857008eccd0fc17484c1aa247d613ed14742990330e820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 20:51:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"e1c37701e5c640d5002e2d0e72e46b9c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cache-control
max-age=0
accept-ranges
bytes
content-length
7680
x-amz-cf-id
_jGgg2hxLrKaspNep-Bk3dV0zJ7dv7pVdDe9QtEMc0k6gP-dUlkfHg==
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 11:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 11:22:27 GMT
/
collector.leadinfo.net/config/LI-624C8F1AAB661/ 		30 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.leadinfo.net/config/LI-624C8F1AAB661/
Requested by
Host: cdn.leadinfo.net
URL: https://cdn.leadinfo.net/ping.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.225.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-225-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
741ff9ad3c19112fe5d5935d4005d5e461b3ab535526eb470807299f8d72d25a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 18:45:21 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://digroup-us.com
cache-control
no-cache, no-store, must-revalidate
content-length
30
expires
0
LI-624C8F1AAB661
api.leadinfo.com/v1/identify/ 		2 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadinfo.com/v1/identify/LI-624C8F1AAB661
Requested by
Host: cdn.leadinfo.net
URL: https://cdn.leadinfo.net/ping.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.210.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-210-249.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) / Leadinfo
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 18:45:21 GMT
server
Apache/2.4.54 (Debian)
x-powered-by
Leadinfo
access-control-allow-methods
GET
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://digroup-us.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin
content-length
2
expires
0
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/10903976733/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o
80 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o
Requested by
Host: digroup-us.com
URL: https://digroup-us.com/blog/evolving-life-and-health-fraud-scheme?apcid=00630893b35e6aaf3231b700&utm_campaign=evolving-life-26-heal&utm_content=&utm_medium=email&utm_source=ortto
Protocol
H2
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 18:45:21 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18006604202&cl=XK9yCJGt68IDEJ32tc8o
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://digroup-us.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
prism.app-us1.com/ 		0
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=225676093&u=https%3A%2F%2Fdigroup-us.com%2Fblog%2Fevolving-life-and-health-fraud-scheme%3Fapcid%3D00630893b35e6aaf3231b700%26utm_campaign%3Devolving-life-26-heal%26utm_content%3D%26utm_medium%3Demail%26utm_source%3Dortto
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.30
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
49
cf-ray
7437ec3bef590208-ZRH
content-length
0
/
process.iconnode.com/google-ads/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://process.iconnode.com/google-ads/
Requested by
Host: scripts.iconnode.com
URL: https://scripts.iconnode.com/94186.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.116.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a171616d2c13795e3.awsglobalaccelerator.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://digroup-us.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by
PHP/7.4.30
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://digroup-us.com
access-control-allow-credentials
true
content-length
0
tp2
collector.leadinfo.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.leadinfo.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.225.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-225-22.eu-west-1.compute.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://digroup-us.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://digroup-us.com
content-length
0
date
Wed, 31 Aug 2022 18:45:22 GMT
server
spray-can/1.3.3
tp2
collector.leadinfo.net/com.snowplowanalytics.snowplow/ 		2 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.leadinfo.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.leadinfo.net
URL: https://cdn.leadinfo.net/ping.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.225.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-225-22.eu-west-1.compute.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://digroup-us.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://digroup-us.com
date
Wed, 31 Aug 2022 18:45:22 GMT
access-control-allow-credentials
true
server
spray-can/1.3.3
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/ 		203 B
410 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13898394&url=https%3A%2F%2Fdigroup-us.com%2Fblog%2Fevolving-life-and-health-fraud-scheme%3Fapcid%3D00630893b35e6aaf3231b700%26utm_campaign%3Devolving-life-26-heal%26utm_content%3D%26utm_medium%3Demail%26utm_source%3Dortto&channel_type=code&jsonp=__mupn7n6wbbg
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b320966aff12a2712306e3a741c725c8e328d30b489d0f71735d1d6f142d2ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://digroup-us.com/;
X-Frame-Options allow-from https://digroup-us.com/

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://digroup-us.com/;
vary
Accept-Encoding
x-frame-options
allow-from https://digroup-us.com/
date
Wed, 31 Aug 2022 18:45:22 GMT
content-length
203
legacy
2023-06-30
content-type
application/javascript; charset=UTF-8
get_configuration
api.livechatinc.com/v3.3/customer/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13898394&version=163.1.1.99.1.16.1.1.1.1.1.1&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89386b9ea314a324e1c640bbaad35c1f904b1bd38a782f6c8deff3a98b0c4ac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
1470
expires
Wed, 31 Aug 2022 18:55:22 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 8C99 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb69d6262b2aa89d5b01cd3c70ce2ed857ce292981b2c6b48c3c6493ea9872dc

Request headers

Referer
https://digroup-us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1970
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 18:45:22 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.3/customer/action/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13898394&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://digroup-us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 18:45:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2023-06-30
cache-control
public, max-age=600
content-length
3776
expires
Wed, 31 Aug 2022 18:55:22 GMT
css
fonts.googleapis.com/ Frame 8C99 		5 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 18:34:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 18:45:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 18:45:22 GMT
0.35c175e9.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8C99 		209 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/0.35c175e9.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
265dcb089f251388fb3475ff20b1062bbe22e608023f30989eedff570fd34d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
6KOYhhgZitgTC5xPbQ368JrlS4su9HeM
content-encoding
br
last-modified
Thu, 18 Aug 2022 13:12:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"aef839accd7202f1a686d4131c6cce4f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 31 Aug 2022 18:45:22 GMT
content-length
66316
x-amz-cf-id
j5r_t1VIzw_cfi4SfDb8cNCaxtzcFdaFc87zErjq5SNuIg7keeN78A==
expires
Thu, 31 Aug 2023 18:45:22 GMT
2.4e977580.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8C99 		328 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/2.4e977580.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f874d2785d4418cdd92079b7e5b50ac6eeaec161a7e186374b836b04d53d801e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
17kB8ifRa1_6_4vRNPLp.N4Xgo2x7RBm
content-encoding
br
last-modified
Wed, 31 Aug 2022 10:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"5d48b0d3889241e28d8cbd0d17264f12"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 31 Aug 2022 18:45:22 GMT
content-length
94388
x-amz-cf-id
ZexaZ_OPs4JqMZHYlH5yuz8K7PMN15kg1RbGlreSX5nae4tHlYyjQA==
expires
Thu, 31 Aug 2023 18:45:22 GMT
iframe.0eeced8b.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8C99 		439 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.0eeced8b.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13898394&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-17.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a80efd25fc70e3e73a2595f2a20f0cc128bf8cda64f5369a4d891c71b88ea101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
tnmxzkOTyf9Lvc8KinMnKnO936VJNjTm
content-encoding
br
last-modified
Wed, 31 Aug 2022 10:16:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"d106cd5997a4597bde9e6572c9935bc4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 31 Aug 2022 18:45:22 GMT
content-length
119598
x-amz-cf-id
m_ZI-NlVZj9ZIMR8vXpnLQLoSMQoqIFPhunvxXgavz5oBEEX7Pyoow==
expires
Thu, 31 Aug 2023 18:45:22 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 8C99 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 17:47:57 GMT
x-content-type-options
nosniff
age
176245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 17:47:57 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 8C99 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.livechatinc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 16:22:46 GMT
x-content-type-options
nosniff
age
181356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 16:22:46 GMT
token
accounts.livechatinc.com/customer/ Frame 8C99 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.livechatinc.com/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.35c175e9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.71 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
861627da1c513ece5044f5046674dab64d879ab975e0368cb1e6d434d2820edd

Request headers

Referer
https://secure.livechatinc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 18:45:23 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
138
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame DD90 		5 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 18:41:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 18:45:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 18:45:23 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| _googWcmImpl string| _googWcmAk object| GlobalLeadinfoNamespace function| leadinfo string| visitorGlobalObjectAlias function| vgo object| __lc object| LiveChatWidget function| webpackJsonp string| prismGlobalObjectAlias object| visitorGlobalObject function| setImmediate function| clearImmediate function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| core object| __core-js_shared__ object| regeneratorRuntime object| SocialSharing object| app function| jQuery function| $ boolean| yrejzpicqjfxoquxuuaw object| request undefined| kvpairs undefined| data function| wc_frame_message function| wc_frame_init string| ilnfnxrqyrwnwhzydizj string| ljwlemjhokqgwcfgbher string| glyhllmiqpawyaiephgc string| ygbiroraszmgfixidfbx string| lusfpvsuqwpgzgkrrkio string| pnwxnirynzktfrtstlnb function| wc_visitor_init function| wc_create_init function| djteiyewvcuvyogyifuj function| lnefmbjncmddwbekmbzd function| oqhaqzwnbjgcpycneryg function| nbfpiriuvmssvizfywxh function| khgahvydosnkcpvjwdip function| bauwiruxzontakyuoxkw function| efbdmcsgiiideurvasjn function| wc_transaction_ypbib function| wc_event_ypbib function| wc_chat_ypbib function| wc_form_ypbib function| wc_iframe_ypbib function| s4 function| wc_doc_ready string| form_name string| form_id boolean| __lc_inited object| LC_API string| google_wcc_status

21 Cookies

Domain/Path Name / Value
digroup-us.com/themes/diligence/assets/images Name: Path
Value: /
digroup-us.com/themes/diligence/assets/fonts Name: Path
Value: /
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 3b883a65-409d-48a6-6956-4e8d8fda2f31
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: ad8136f80b2cec4954adc2641fad551afc075471edd31640aff241f087fa6bfcbf9c506af075c61c04d1ab244c7b004ebb86f9cad4b14cf197e6c71dfc82
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 3b883a65-409d-48a6-6956-4e8d8fda2f31
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: ad8136f80b2cec4954adc2641fad551afc075471edd31640aff241f087fa6bfcbf9c506af075c61c04d1ab244c7b004ebb86f9cad4b14cf197e6c71dfc82
digroup-us.com/asset Name: Path
Value: /
digroup-us.com/blog Name: Path
Value: /
digroup-us.com/ Name: laravel_token
Value: eyJpdiI6IkZ0Y3dPM1AzSjVWSXk0ZU1WUGN3OEE9PSIsInZhbHVlIjoiOEtmN0pSRVRxNnBZREFwTzhVZXlxM2xtWWVRclRtejBPMUNFaUZUcDZmbm9uOHVSRXM1dzNaT0EzdnRzNHpMOGdnMWdIUlIwclN5OEc2NnNvKzhrc1R1Yk1cL0NJYnF5YkVzYlVkYUUwZGtnUysrcEtrYXBOUHZmUzZZblNpQXBHckpnOGZPQUUxTjFFU05ZdnpaZDFER0M1MVVaMFlGNTRLNEpaRnlxcWRpMGtDbzJZRlI0RmRxZjNuVktKQWxnczFwaGRRRDZCN0QxblVTWE5LdnpPR3dlbDBSU3dubVZnNzg3TTFrMU1tNElDREgxS05DVVwvUzdcL3ZxY1BTNE1MSmFaakhTSWY3S0ZLaUVaSFlZWmpEK3c9PSIsIm1hYyI6ImY0YWVmMmVhOWVkNjM3NWJkNTc2ZWJjMzM1ZWM3M2FjZDM2NDFiYTFhMzRhY2IwNjU3MjNiOGQxODI2Nzg4ZjEifQ%3D%3D
.myfonts.net/ Name: __cf_bm
Value: 5ja3if6kQn7TLyEbrFlFZMLlMLbS3o3TJuxuyCYfLvw-1661971521-0-Ae1G8iEvyRr8lTusxvqdgdK/C8UigeNdLVJ3NupeR6acnhYHmfJcJZYl7djxhbDlC1fRACSDHe6bQhaNP3fHoOs=
.digroup-us.com/ Name: _ga
Value: GA1.2.963957234.1661971522
.digroup-us.com/ Name: _gid
Value: GA1.2.637241579.1661971522
.digroup-us.com/ Name: _gat
Value: 1
.digroup-us.com/ Name: _gcl_au
Value: 1.1.810779211.1661971522
digroup-us.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im50SmU3bmpvNnZyNVpkVWhxaWJ5Unc9PSIsInZhbHVlIjoidUdTNndtSzBPeGREbFI0V1k3MEt6ODNUV3cxb09vSmtERDl1V3lXNEx5bW1JaU1DcVE4TWNoTDltdml0U3hRWllBVEtvaW9xOFV3WlBJTGJsS0F3M3c9PSIsIm1hYyI6IjQ0OWZjZmYyOGNiYzc0NGJjYWY3NjJhNzc2YjAxOTUwYzFkZTVhYTZkYzhlNDJiMGYxYjA0OWU1MmY3NGJkZWUifQ%3D%3D
digroup-us.com/ Name: laravel_session
Value: eyJpdiI6IlZLNzNvWElvU2Vhd21kd0o4elJUY2c9PSIsInZhbHVlIjoiem1pSFdcL3pRNUIzOTd6c3hnZXJONzZqZjVnUDV4a3RSYytjQzNIdWxjMjE0eTBCRWhJS2NVK2hDVU1ITWhTMW5sdE5iQjQ3MFlyc1duZ05BeW0yck1BPT0iLCJtYWMiOiJmNjFlNDkyMDVkMTBlNDRkYjRjYjY0MmE5ZDY1M2NjMzY4OGM1YjFkNzJlNTNmOGY4YTk4NmJiM2MxNzAxNDk0In0%3D
.digroup-us.com/ Name: wc_visitor
Value: 94186-f0aa0188-500c-f0fe-d0f1-4d75643fe06f
.digroup-us.com/ Name: wc_client
Value: ortto+..+email+..+evolving-life-26-heal+..++..++..++..+https%3A%2F%2Fdigroup-us.com%2Fblog%2Fevolving-life-and-health-fraud-scheme%3Fapcid%3D00630893b35e6aaf3231b700%26utm_campaign%3Devolving-life-26-heal%26utm_content%3D%26utm_medium%3Demail%26utm_source%3Dortto+..+94186-f0aa0188-500c-f0fe-d0f1-4d75643fe06f+..+
.digroup-us.com/ Name: wc_client_current
Value: ortto+..+email+..+evolving-life-26-heal+..++..++..++..+https%3A%2F%2Fdigroup-us.com%2Fblog%2Fevolving-life-and-health-fraud-scheme%3Fapcid%3D00630893b35e6aaf3231b700%26utm_campaign%3Devolving-life-26-heal%26utm_content%3D%26utm_medium%3Demail%26utm_source%3Dortto+..+94186-f0aa0188-500c-f0fe-d0f1-4d75643fe06f+..+
prism.app-us1.com/ Name: prism_225676093
Value: 92fa2cd1-7565-44f1-975e-19cc5af6b53c
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1661971553&tag=09022fe58e3525ea6cad4958c4617639716589cf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval' www.gravatar.com i.vimeocdn.com player.vimeo.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com *.google-analytics.com ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.leadinfo.com
api.livechatinc.com
aplr.ink
cdn.leadinfo.net
cdn.livechatinc.com
collector.leadinfo.net
diffuser-cdn.app-us1.com
digroup-us.com
fonts.googleapis.com
fonts.gstatic.com
hello.myfonts.net
prism.app-us1.com
process.iconnode.com
scripts.iconnode.com
secure.livechatinc.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.186.162
18.66.122.4
23.36.162.17
23.36.162.71
2606:4700::6811:915b
2606:4700::6811:f449
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400e:80e::200a
2a06:98c1:3120::c
3.134.45.95
52.222.214.103
52.48.225.22
54.194.210.249
76.223.116.242
08c5812dd025af3149b80ecb972803b280476bebb5e9f02416e6f007a04de8b4
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1989756a501b1a912531d94f0679ce9b57d18886a86ab7861e63c02990cca57b
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
265dcb089f251388fb3475ff20b1062bbe22e608023f30989eedff570fd34d2c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
310cce7731d3b3ca1495c6c4be67b9f0dfd8e76fe702891795d15cf9a480ec3f
3c4a4d44981b6c00d7d63ab1b908ec941754d2e88637594f33168800be3ff8a2
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4dbfef10d4d6893abb724637f9d54d1db71f14d858bd96f4286acbe52828182f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
556213d68f2f3386a34135c07ea432d252682ac7deecc5eb9c9c23a194e83415
5a93d4c205895b74243758d7b13a01c37436c27af412b744f5f5c77830b04cce
5b4cc6b2ad7a300799af5fce4820f3850d759e390de47c495f7cf486efcaa733
5f9d60dfa847591e27ebc1b76f6ed87529dbc57382055b8a170cff951013a5fa
6b320966aff12a2712306e3a741c725c8e328d30b489d0f71735d1d6f142d2ef
6ce15fe4fbbe3bec2179a5e3b758169751de4fdd93c6b4953d370f3b570aef4a
741ff9ad3c19112fe5d5935d4005d5e461b3ab535526eb470807299f8d72d25a
776c0c5a94e82c3d20857008eccd0fc17484c1aa247d613ed14742990330e820
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
861627da1c513ece5044f5046674dab64d879ab975e0368cb1e6d434d2820edd
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89386b9ea314a324e1c640bbaad35c1f904b1bd38a782f6c8deff3a98b0c4ac4
8de605aca2044d6643ec4ea23d11c1e20688b965538f5d5d4620bcbded9ec5fc
9a840cbc1851e412ca570bde62526c4cbecde684da1c79e9ef8debd83ab15869
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a80efd25fc70e3e73a2595f2a20f0cc128bf8cda64f5369a4d891c71b88ea101
aaa4f2ba531431216c858c5a6f3cd1025e27b4a1fe6c28a69dff28bd0c48daa5
b2e780d1bd0e711fecd63b9def64e3032c5c99808124943b8203fd2019ea5e6a
b5f984220858da3d60a08c332bfeacc23e3d1c8ce08db55a008cbbbd6881055c
bdbe1cb3ac7b6f8fe25aeae0f454cc9b1f5e0c6ed8b69bad55830b3b01ed5750
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cb69d6262b2aa89d5b01cd3c70ce2ed857ce292981b2c6b48c3c6493ea9872dc
ccf0b26d49b8a4d70aba4fd6e03f060baa8e6b4d8bba960c9116d1cb4e5649b4
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2ddbe6093297ebe3186f498724f3441d798a53a9a742cd2b40df26df030c30
ed8fca0c9be804fcf0d25bb42dca33266913abb81fed8e709993ded4b0a57c6b
f17421de2f8205ae6085bef6304d5753aa670531ee4c2730d4dd62b60c4aa74e
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f874d2785d4418cdd92079b7e5b50ac6eeaec161a7e186374b836b04d53d801e
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df