urlscan.io logo urlscan.io
SecurityTrails logo

orbograph.com Open in urlscan Pro
151.101.130.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://content.orbograph.com/e/16322/raud--pmc-Fraud-MyID-0emailurl/4n7gm3/3503314001/hari.vunnava%40ubs.com?h=ximBbgUka9C_AA...
Effective URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vu...
Submission: On June 01 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 121 HTTP transactions. The main IP is 151.101.130.159, located in United States and belongs to FASTLY, US. The main domain is orbograph.com.
TLS certificate: Issued by R3 on April 29th 2022. Valid for: 3 months.
This is the only time orbograph.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.92.120.28 14618 (AMAZON-AES)
32 151.101.130.159 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 209.128.119.150 7151 (BAYAREA-AS)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.80 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 5 2600:9000:231... 16509 (AMAZON-02)
1 52.222.236.122 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 209.128.92.239 7151 (BAYAREA-AS)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.117 16509 (AMAZON-02)
2 2a04:4e42::626 54113 (FASTLY)
1 54.74.116.255 16509 (AMAZON-02)
1 108.157.4.129 16509 (AMAZON-02)
121 27
1    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
content.orbograph.com
32    151.101.130.159 (United States)

ASN54113 (FASTLY, US)
orbograph.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    209.128.119.150 (San Jose, United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-150.bayarea.net
stats.sa-as.com
7    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.139.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-80.fra60.r.cloudfront.net
static.hotjar.com
8    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2600:9000:2315:4e00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    209.128.92.239 (United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-92-239.bayarea.net
api.kickfire.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
6    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net
vars.hotjar.com
2    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    108.157.4.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-129.dus51.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
33 orbograph.com
content.orbograph.com
orbograph.com
750 KB
16 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
1 MB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com Failed
620 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
static.doubleclick.net — Cisco Umbrella Rank: 338
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
51 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
jnn-pa.googleapis.com — Cisco Umbrella Rank: 275
60 KB
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2418
245 KB
5 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 3308
48 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
60 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 584
script.hotjar.com — Cisco Umbrella Rank: 713
vars.hotjar.com — Cisco Umbrella Rank: 832
in.hotjar.com — Cisco Umbrella Rank: 1585
67 KB
3 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3230
21 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 111
109 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
5 KB
2 kickfire.com
api.kickfire.com — Cisco Umbrella Rank: 67598
850 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
50 KB
2 sa-as.com
stats.sa-as.com — Cisco Umbrella Rank: 49549
1 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2056
258 B
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2619
58 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6117
501 B
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 487
8 KB
121 20
Domain Requested by
32 orbograph.com orbograph.com
16 www.youtube.com orbograph.com
www.youtube.com
8 www.gstatic.com www.youtube.com
www.google.com
www.gstatic.com
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
7 www.google.com orbograph.com
www.youtube.com
www.gstatic.com
www.google.com
6 ssl.p.jwpcdn.com content.jwplatform.com
6 jnn-pa.googleapis.com www.youtube.com
5 content.jwplatform.com 2 redirects orbograph.com
content.jwplatform.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
orbograph.com
3 assets-jpcust.jwpsrv.com orbograph.com
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 api.kickfire.com orbograph.com
2 www.googletagmanager.com orbograph.com
2 stats.sa-as.com orbograph.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 prd.jwpltx.com orbograph.com
1 vars.hotjar.com static.hotjar.com
1 www.google.de orbograph.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com orbograph.com
1 assets.adobedtm.com orbograph.com
1 fonts.googleapis.com orbograph.com
1 content.orbograph.com 1 redirects
121 28
Subject Issuer Validity Valid
orbograph.com
R3		 2022-04-29 -
2022-07-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
stats.sa-as.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-14 -
2023-02-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
api.kickfire.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-28 -
2022-07-28		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh

This page contains 7 frames:

Primary Page: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Frame ID: D9C0B0CF6855863E1457CC865C6C95F6
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ilbMKK7yk9g
Frame ID: A85B28356BAD2189DF2C85DB074DF93F
Requests: 19 HTTP requests in this frame

Frame: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.html
Frame ID: 0AC2B885F610C5EF896B706AEDF53FF8
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ilbMKK7yk9g
Frame ID: 5A7CE923C83E1E5AE82A97C8CC062F4A
Requests: 20 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: AFECC738EF34C456AFA53D5D03AEA383
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Frame ID: EB1A06C84B9D2E9A5F655E6210BDC96B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib
Frame ID: D6AD3A718D5167976617B937528033F0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PaymentsJournal: Checks Are the Top Vehicle for Commercial Payments Fraud – OrboGraph

Page URL History Show full URLs

  1. https://content.orbograph.com/e/16322/raud--pmc-Fraud-MyID-0emailurl/4n7gm3/3503314001/hari.vunnava%40ubs.... HTTP 301
    https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

121
Requests

93 %
HTTPS

67 %
IPv6

20
Domains

28
Subdomains

27
IPs

4
Countries

3574 kB
Transfer

10966 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://content.orbograph.com/e/16322/raud--pmc-Fraud-MyID-0emailurl/4n7gm3/3503314001/hari.vunnava%40ubs.com?h=ximBbgUka9C_AAB12ABCDEFGHIJKLMNOPQnH9cFFgpU HTTP 301
    https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 90
  • https://content.jwplatform.com/tracks/wRiwaQEN.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/wRiwaQEN.srt
Request Chain 92
  • https://content.jwplatform.com/strips/XPQ6J5vk-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/XPQ6J5vk-120.vtt
Request Chain 103
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

121 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/
Redirect Chain
  • https://content.orbograph.com/e/16322/raud--pmc-Fraud-MyID-0emailurl/4n7gm3/3503314001/hari.vunnava%40ubs.com?h=ximBbgUka9C_AAB12ABCDEFGHIJKLMNOPQnH9cFFgpU
  • https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
192 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
e4fc9c551e8bfbbbea6df414d4eb5c6cc7c91ea2a9d89a5052c93ea6ecd255f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
43144
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 18:40:47 GMT
fastly-restarts
1
link
<https://orbograph.com/wp-json/>; rel="https://api.w.org/" <https://orbograph.com/wp-json/wp/v2/posts/31243>; rel="alternate"; type="application/json" <https://orbograph.com/?p=31243>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
Flywheel/5.1.0
vary
Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-cacheable
YES
x-content-type-options
nosniff
x-fw-dynamic
TRUE
x-fw-hash
bfse8f7j5u
x-fw-serve
TRUE
x-fw-server
Flywheel/5.1.0
x-fw-static
NO
x-fw-type
VISIT
x-fw-version
5.0.0
x-pingback
https://orbograph.com/xmlrpc.php
x-served-by
cache-hhn4038-HHN
x-timer
S1654108846.936825,VS0,VE1648
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
182
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Jun 2022 18:40:45 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Fri, 31 May 2024 18:40:45 GMT
location
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
formidableforms.css
orbograph.com/wp-content/plugins/formidable/css/ 		134 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/formidable/css/formidableforms.css?ver=611800
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
19cfdda48f963f58f620cd6cae53ffeb759feeb7a310ffc4653e939ac9529b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
25091
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:00:03 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.203907,VS0,VE222
etag
W/"6297a923-217e9"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
style.min.css
orbograph.com/wp-includes/css/dist/block-library/ 		81 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
13391
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Apr 2022 21:15:08 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.203974,VS0,VE1
etag
W/"624cb15c-145db"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
31243-layout.css
orbograph.com/wp-content/uploads/bb-plugin/cache/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/cache/31243-layout.css?ver=d7307474a8f342de1eb769c504250a0b
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
15d18ebb2a2d3652f373af6d8f21610f76ea2f4d67943fc13bc5f826b2385380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
8215
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:03:44 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.207037,VS0,VE431
etag
W/"6297aa00-ba08"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
style.css
orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
b48c3484dca153a689cdb6e4a1276dc85a5503092be036b8bdcbcd1506f45315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
3590
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 26 Jan 2017 20:15:10 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208217,VS0,VE434
etag
W/"588a58ce-54a3"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
all.min.css
orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
14273
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 17:59:51 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208182,VS0,VE429
etag
W/"6297a917-e7a9"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
v4-shims.min.css
orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
4632
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 17:59:51 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208202,VS0,VE323
etag
W/"6297a917-684e"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
1d224c08ae02cf018109c18df869fa24-layout-bundle.css
orbograph.com/wp-content/uploads/bb-plugin/cache/ 		360 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/cache/1d224c08ae02cf018109c18df869fa24-layout-bundle.css?ver=2.5.4.3-1.4.1.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
fe25388a9811bb06d7f0c6a1019078a9e7d688b629dca6954d99d52fb093dde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
39233
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:03:17 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208105,VS0,VE539
etag
W/"6297a9e5-59f1d"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
jquery.magnificpopup.min.css
orbograph.com/wp-content/plugins/bb-plugin/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
1770
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 17:59:51 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208099,VS0,VE430
etag
W/"6297a917-169c"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
bootstrap.min.css
orbograph.com/wp-content/themes/bb-theme/css/ 		119 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
c28eb8900abce3c478234e62390838556d839c10b7073b2ba42bcbae20d6e2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
23191
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:01:06 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208563,VS0,VE118
etag
W/"6297a962-1da44"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
skin-6297a9c57b4b1.css
orbograph.com/wp-content/uploads/bb-theme/ 		63 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-theme/skin-6297a9c57b4b1.css?ver=1.7.11
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
98918024d30317cf0ce328aecf8b55fedab94b6d0d85123d8b2b526b23612290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
11149
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:02:45 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.208521,VS0,VE111
etag
W/"6297a9c5-fab0"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f68a5c39ee4c0cb83c52227944687e32b13726dbeb369083593bb1916b9c2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 18:40:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 18:40:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 18:40:48 GMT
jquery.min.js
orbograph.com/wp-includes/js/jquery/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
34060
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Apr 2022 21:15:08 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.212283,VS0,VE1
etag
W/"624cb15c-15db1"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
jquery-migrate.min.js
orbograph.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
4405
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Apr 2022 21:15:08 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.212123,VS0,VE2
etag
W/"624cb15c-2bd8"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
seo-automated-link-building.js
orbograph.com/wp-content/plugins/seo-automated-link-building/js/ 		493 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
291
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Aug 2021 18:54:31 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.212060,VS0,VE1
etag
W/"61141ce7-1ed"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
imagesloaded.min.js
orbograph.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-includes/js/imagesloaded.min.js?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
1946
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Apr 2022 21:15:08 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.212053,VS0,VE1
etag
W/"624cb15c-15fd"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
launch-ac3dc07c53a3.min.js
assets.adobedtm.com/175f7caa2b90/e546bb2912de/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/175f7caa2b90/e546bb2912de/launch-ac3dc07c53a3.min.js
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1c831cd9d7b07245dc92db1412e0fce7ed3f3f15d81c4f8e37405a4e11de0347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
last-modified
Fri, 16 Oct 2020 16:42:27 GMT
server
AkamaiNetStorage
etag
"716414e1baf4fc3a6de48e0a98a18279:1602866547.660248"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://orbograph.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
7841
expires
Wed, 01 Jun 2022 19:40:48 GMT
style.css
orbograph.com/wp-content/themes/bb-theme-child/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/themes/bb-theme-child/style.css
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
56c9a55f044072d845e3048acb3ecd6139b891b4999e9a9dd7f9ccc35717b0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
1273
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Nov 2019 23:32:32 GMT
server
Flywheel/5.1.0
x-timer
S1654108848.212122,VS0,VE2
etag
W/"5dcf3590-eae"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
text/css
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
live.js
stats.sa-as.com/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.sa-as.com/live.js
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.128.119.150 San Jose, United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-119-150.bayarea.net
Software
Apache /
Resource Hash
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 18:51:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2017 20:48:27 GMT
Server
Apache
ETag
"7200a7-52e-54d2690345cc0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
630
Fraud-Prevention-Cropped-OrbNet-Forensic-AI-01-2048x1555.jpg
orbograph.com/wp-content/uploads/2021/05/ 		267 KB
255 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orbograph.com/wp-content/uploads/2021/05/Fraud-Prevention-Cropped-OrbNet-Forensic-AI-01-2048x1555.jpg
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
5e2fff0854622547e065695c6ad99695f120ef939c8d0709d3a3e328a1a95015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
261225
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 May 2021 18:01:40 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.798165,VS0,VE745
etag
W/"60a2af84-42c57"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
image/jpeg
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
OrboGraph-Indigo-Arrow-000A47-57px.png
orbograph.com/wp-content/uploads/2020/06/ 		330 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orbograph.com/wp-content/uploads/2020/06/OrboGraph-Indigo-Arrow-000A47-57px.png
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
ae9cb3d5cd115601108624cfe32c87b4fb3ea7c306e8116521ccdb6775df07ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
353
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Jun 2020 23:21:47 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.798157,VS0,VE2
etag
W/"5ee40e0b-14a"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
image/png
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
jquery.fitvids.min.js
orbograph.com/wp-content/plugins/bb-plugin/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
814
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Apr 2022 15:01:02 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.653845,VS0,VE1
etag
W/"625442ae-6f6"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
31243-layout.js
orbograph.com/wp-content/uploads/bb-plugin/cache/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/cache/31243-layout.js?ver=d3a7ab33c923e2b89968496cac50e242
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
e214a7a3bbb46c0b1dd63e3d8b7c047410cc28cbc9b9d67e020761db2b3e47d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
9409
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:03:44 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.663592,VS0,VE112
etag
W/"6297aa00-827c"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
jquery.ba-throttle-debounce.min.js
orbograph.com/wp-content/plugins/bb-plugin/js/ 		731 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
462
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 17:59:53 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.758343,VS0,VE430
etag
W/"6297a919-2db"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
js_cookie.js
orbograph.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/js_cookie.js?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
1507
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Mar 2022 15:29:53 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.794221,VS0,VE2
etag
W/"622f5f71-e70"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
890c55db5663014d41c50ca41599d844-layout-bundle.js
orbograph.com/wp-content/uploads/bb-plugin/cache/ 		74 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/cache/890c55db5663014d41c50ca41599d844-layout-bundle.js?ver=2.5.4.3-1.4.1.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
6e7bf668f5b0ced020c0e9fefe1da9fb6b32eba15414fb72a1a760dcd168fa56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
13294
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:03:17 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.794211,VS0,VE429
etag
W/"6297a9e5-1270c"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
jquery.magnificpopup.min.js
orbograph.com/wp-content/plugins/bb-plugin/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.4.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
7740
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 17:59:53 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.794167,VS0,VE435
etag
W/"6297a919-4da3"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
comment-reply.min.js
orbograph.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-includes/js/comment-reply.min.js?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
1376
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 05 Apr 2022 21:15:08 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.796641,VS0,VE1
etag
W/"624cb15c-ba3"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
bootstrap.min.js
orbograph.com/wp-content/themes/bb-theme/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
d3b2f660b434b8f2c4c187adfe0f0b6ab4ebffdd99da232e6900112311d66798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
12327
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:01:07 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.797269,VS0,VE113
etag
W/"6297a963-9b01"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
theme.min.js
orbograph.com/wp-content/themes/bb-theme/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
6180
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:01:07 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.797440,VS0,VE110
etag
W/"6297a963-5902"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
frm.min.js
orbograph.com/wp-content/plugins/formidable-pro/js/ 		285 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/formidable-pro/js/frm.min.js?ver=5.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
0d5dc1106e16a525f3916c1766c5585f28aab6b51b345071c91e98d6ad94ea2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
content-length
88985
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Jun 2022 18:00:03 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.797813,VS0,VE658
etag
W/"6297a923-47358"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?ver=3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7eb0d21ad8b5f6db08f3b4ae96aa3e92a7923fe25b8da9cca40cecd9474725d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 01 Jun 2022 18:40:48 GMT
asyncdc.min.js
orbograph.com/wp-content/plugins/pardot/js/ 		457 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=5.9.3
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
224
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Oct 2021 16:09:13 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.798199,VS0,VE1
etag
W/"617979a9-1c9"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
lazyload.min.js
orbograph.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
2876
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Apr 2021 12:53:17 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.799828,VS0,VE2
etag
W/"6080203d-1ed2"
x-fw-hash
bfse8f7j5u
vary
Accept-Encoding, Authorization
x-fw-version
5.0.0
content-type
application/javascript
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56S94BN
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7fa4eedfb41ae4f539d0e1d72da076706714988aedf926a934f7b58d172e68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50892
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Jun 2022 18:40:48 GMT
hotjar-721117.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-721117.js?sv=6
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-80.fra60.r.cloudfront.net
Software
/
Resource Hash
29889d39e7d8a2bb214018a3f05a8209e4e95f418b70d860af6ed85cd2941fbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA60-P4
etag
W/6df410fb7720aef2caf933e3285a2ba9
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eCJax09cBDxKIPNZubF6_2qk_7tbGc6LIWT065qDgGfVt7KdpT8JaQ==
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:47:17 GMT
x-content-type-options
nosniff
age
197611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 11:47:17 GMT
ilbMKK7yk9g
www.youtube.com/embed/ Frame A85B 		63 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ilbMKK7yk9g
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7e36b02f57be444dc0ac36f25d02e7912bea88166352fc9bc6697463c3a38e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 01 Jun 2022 18:40:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
XPQ6J5vk-YrbGYzGZ.html
content.jwplatform.com/players/ Frame 0AC2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.html
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
40424063eaa90028607300fa3406e9b78b9244f209bdbfb5c76a4399d16421f4

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-length
1418
content-type
text/html; charset=utf-8
date
Wed, 01 Jun 2022 18:40:48 GMT
server
openresty
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
x-amz-cf-id
Yvw_0yOB0bfagthn-Rv7a9L24966Tr3N4xwR3GNaNL-ADLcFcLQPBA==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 16:12:47 GMT
x-content-type-options
nosniff
age
181681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 16:12:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 12:43:04 GMT
x-content-type-options
nosniff
age
194264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:43:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:07:47 GMT
x-content-type-options
nosniff
age
199981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 11:07:47 GMT
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotomono/v21/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A500%2C300%2C700%2C400%7CRoboto+Mono%3A400&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 22:18:19 GMT
x-content-type-options
nosniff
age
73349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12312
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:02:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 22:18:19 GMT
fa-solid-900.woff2
orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: orbograph.com
URL: https://orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://orbograph.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.4.3
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
78268
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Apr 2022 15:01:01 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.929774,VS0,VE2
etag
"625442ad-131bc"
x-fw-hash
bfse8f7j5u
vary
Authorization
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
Ultimate-Icons.ttf
orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 		91 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
Requested by
Host: orbograph.com
URL: https://orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://orbograph.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.5.4.3
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static
YES
date
Wed, 01 Jun 2022 18:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
HIT
content-length
45592
x-xss-protection
1
x-served-by
cache-hhn4038-HHN
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 26 Jan 2017 20:15:10 GMT
server
Flywheel/5.1.0
x-timer
S1654108849.929909,VS0,VE1
etag
"588a58ce-16b60"
x-fw-hash
bfse8f7j5u
vary
Authorization, Accept-Encoding
x-fw-version
5.0.0
content-type
application/octet-stream
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
modules.d0961e771164cd91e405.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d0961e771164cd91e405.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-721117.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 07:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
126403
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64057
access-control-allow-origin
*
last-modified
Tue, 31 May 2022 07:33:23 GMT
etag
"1ed5739adb19197da798013ab080794d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
uVOxVrZOPOMrq-DEMI3wyvrSMwc0e7YCJhFImttuSb3uliHr2hQz-w==
www-player.css
www.youtube.com/s/player/c403842a/ Frame A85B 		337 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92c87807cd3aea4e8fbad9288fe66b7ca4c7c6355af33d503f6e87c85e73bbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
102749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 May 2023 14:08:20 GMT
www-embed-player.js
www.youtube.com/s/player/c403842a/www-embed-player.vflset/ Frame A85B 		284 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f0fb9cee6dc37e103b890cd1efa3bf5ab17bc867e94a17a9100f3acac8c0312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 04:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
52163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89287
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 04:11:26 GMT
base.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame A85B 		2 MB
531 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6453f3dce1d26604b40467694b7ac73b78c304a7eaa67b4e85c1441b453e72f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
528666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
543860
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:49:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/c403842a/fetch-polyfill.vflset/ Frame A85B 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 04:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
50064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 04:46:25 GMT
optimize.js
www.google-analytics.com/gtm/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-MW2QRGX
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56S94BN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b1113a99861b84705cae70726c1c418c3ec580a809568820b76449496b28c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40613
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:40:49 GMT
gip
api.kickfire.com/ 		22 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.kickfire.com/gip
Requested by
Host: orbograph.com
URL: https://orbograph.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.128.92.239 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-92-239.bayarea.net
Software
Apache /
Resource Hash
090ff2d0ae36e48705755a4fdd4fa2d5fe697d2ccb549877f3e595bf198acfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 18:40:49 GMT
Server
Apache
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=33
Content-Length
22
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A85B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
112964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 11:18:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56S94BN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1301
date
Wed, 01 Jun 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Jun 2022 20:19:08 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A85B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dffa6a00156271ebf928a98f0865ed70249a4599904146e8c39b6c8c32352f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A85B 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:21 GMT
x-content-type-options
nosniff
age
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Jun 2022 18:55:21 GMT
XPQ6J5vk-YrbGYzGZ.js
content.jwplatform.com/players/ Frame 0AC2 		128 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
647cf0b42e5bc462ebf0a6d8d09c5935eb523917b2c1ccc21b4ce72a8597b213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
44802
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
x-amz-cf-id
MKB4AchqsCjSSubCMVWZLWt92i-lPwRY-5SQ_d5xQYwyP85mmV9r5Q==
expires
Wed, 01 Jun 2022 18:43:19 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 01 Jun 2022 18:40:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A85B 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ca0fb181d2ed8aee92877a5c38b01dc3ce42b9b8123d6dec8667068f6d9d779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29831
x-xss-protection
0
remote.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame A85B 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6747849a02d58eb8fb6e057913fd8718f7350dbbdf24e60d2b17d6afe8d74e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
528666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37777
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:49:43 GMT
zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
www.google.com/js/th/ Frame A85B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce49f65c95ecf647cfd8c42e085e42eb1286e5f03cc0d151db78374cc3105090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
6835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13752
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:46:54 GMT
embed.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame A85B 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51328350fc58bb8debaa2d8e07e9cfc22fd34129ed07f51c71ed900d56638212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:52:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
528479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8042
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:52:50 GMT
truncated
/ Frame A85B 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
AKedOLS0N72D1F1ZfzWwuQKWehdFS52zkNnrR10Nr2M=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A85B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS0N72D1F1ZfzWwuQKWehdFS52zkNnrR10Nr2M=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6205ca1eb7dba9e6c56594b12fd896d7a5bcd44f1032631f6db9171998452526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2125
x-xss-protection
0
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Mar 2022 10:27:27 GMT
sddefault.webp
i.ytimg.com/vi_webp/ilbMKK7yk9g/ Frame A85B 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ilbMKK7yk9g/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef6f1dbb1da1522a022de61dd700fd4aaad8b3ede96f48247d790377a81568f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
server
sffe
etag
"1650556192"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37024
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 01 Jun 2022 20:40:49 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1885670064&t=pageview&_s=1&dl=https%3A%2F%2Forbograph.com%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F%3Fpmc%3DFraud%26MyID%3Dhari.vunnava%2540ubs.com&ul=en-us&de=UTF-8&dt=PaymentsJournal%3A%20Checks%20Are%20the%20Top%20Vehicle%20for%20Commercial%20Payments%20Fraud%20%E2%80%93%20OrboGraph&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAAC~&jid=9511039&gjid=1899928835&cid=1797431064.1654108848&tid=UA-93645701-1&_gid=1126246270.1654108848&_r=1&gtm=2wg5p156S94BN&z=1595629594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://orbograph.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
stats.sa-as.com/ 		95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.sa-as.com/index.php?DID=257638&MyPage=undefined&MyID=hari.vunnava@ubs.com&MySearch=undefined&TitleTag=PaymentsJournal%3A%20Checks%20Are%20the%20Top%20Vehicle%20for%20Commercial%20Payments%20Fraud%20%u2013%20OrboGraph&Hst=orbograph.com&width=1600&height=1200&ColDep=24&Lang=en-US&Cook=true&Page=%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F&Reff=&FullPage=https%3A%2F%2Forbograph.com%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F%3Fpmc%3DFraud%26MyID%3Dhari.vunnava%2540ubs.com&PMCD=https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com&r=0.8497031193831868
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.128.119.150 San Jose, United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-119-150.bayarea.net
Software
Apache /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 18:51:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
close
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
IMAGE/PNG
Content-Length
102
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-93645701-1&cid=1797431064.1654108848&jid=9511039&gjid=1899928835&_gid=1126246270.1654108848&_u=YEBAAEAAQAAAAC~&z=1191597165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Jun 2022 18:40:49 GMT
content-type
text/plain
access-control-allow-origin
https://orbograph.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
company:(all)
api.kickfire.com/v2/ 		143 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.kickfire.com/v2/company:(all)?ip=UErd74ulGrSMcg%3D%3D&key=ba7675b073d51fab
Requested by
Host: orbograph.com
URL: https://orbograph.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.128.92.239 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-92-239.bayarea.net
Software
Apache /
Resource Hash
2cabb172719c507c74a377112eee344baab7b522fdcb5a90f516b076589a6e13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 18:40:49 GMT
Server
Apache
Strict-Transport-Security
max-age=15552000; includeSubDomains
Access-Control-Allow-Methods
*
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
143
Keep-Alive
timeout=5, max=23
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
age
466
x-cache
HIT
content-length
18774
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:35:02 GMT
server
AmazonS3
x-timer
S1654108850.674245,VS0,VE0
etag
"b1a6104dbbfab0c05f4ced56046c3bd9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
1203
gapro.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/gapro.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
age
1966420
x-cache
HIT
content-length
958
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:34:55 GMT
server
AmazonS3
x-timer
S1654108850.674220,VS0,VE0
etag
"35531725579fe3b0c3fb3ad5114de74b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
117021
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		308 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8abb083a257283bbd88d9996d0dc557487a4866ea05591343e48885148f7ddfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
age
1368823
x-cache
HIT
content-length
81932
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:34:50 GMT
server
AmazonS3
x-timer
S1654108850.674246,VS0,VE0
etag
"4efa6b080b4ca101f5054178fbb88e04"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1035869
XPQ6J5vk
content.jwplatform.com/v2/media/ Frame 0AC2 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/v2/media/XPQ6J5vk?recommendations_playlist_id=98Y51HDD
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
bc2379066198fea049bbab6301a3fd97beed29f1ed9684755341dcc72c364577

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
812
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
x-amz-cf-id
iwoXUAI409LusPF0R-NWnm6MVxfOT02HAo62pJI6DcVBBkv_-xK--A==
expires
Wed, 01 Jun 2022 18:43:49
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93645701-1&cid=1797431064.1654108848&jid=9511039&_u=YEBAAEAAQAAAAC~&z=445038169
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93645701-1&cid=1797431064.1654108848&jid=9511039&_u=YEBAAEAAQAAAAC~&z=445038169
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A85B 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Origin
https://orbograph.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 17:55:47 GMT
generate_204
www.youtube.com/ Frame A85B 		0
0
atr
www.youtube.com/api/stats/ Frame A85B 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame A85B 		0
0
ilbMKK7yk9g
www.youtube.com/embed/ Frame 5A7C 		63 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ilbMKK7yk9g
Requested by
Host: orbograph.com
URL: https://orbograph.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee3f15c5cb8713cfca230a36b2eed13566bf8cf35286b8b1f5c33d45af5bf3dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 01 Jun 2022 18:40:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1885670064&t=event&ni=1&_s=1&dl=https%3A%2F%2Forbograph.com%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F%3Fpmc%3DFraud%26MyID%3Dhari.vunnava%2540ubs.com&ul=en-us&de=UTF-8&dt=PaymentsJournal%3A%20Checks%20Are%20the%20Top%20Vehicle%20for%20Commercial%20Payments%20Fraud%20%E2%80%93%20OrboGraph&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=KickFire%20API&ea=error&el=Too%20Many%20Requests&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1797431064.1654108848&tid=UA-93645701-1&_gid=1126246270.1654108848&gtm=2wg5p156S94BN&z=1311038826
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 19:18:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84162
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame AFEC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-721117.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-117.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126404
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-id
qxAB98y4o0NhyjX0jTxub-21crYCnwWNynbte0m4o4wRVTKqbYkj6Q==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		419 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8208faba31cabb7ea3da9c8ba107f434e5c133a9bbc4071e7d040573fd4ad73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
3109161
x-cache
HIT
content-length
118860
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:34:53 GMT
server
AmazonS3
x-timer
S1654108850.017504,VS0,VE0
etag
"ee5074a7437af7f267f3cc5a33173dc1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
872853
www-player.css
www.youtube.com/s/player/c403842a/ Frame 5A7C 		337 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92c87807cd3aea4e8fbad9288fe66b7ca4c7c6355af33d503f6e87c85e73bbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
102750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47369
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 31 May 2023 14:08:20 GMT
www-embed-player.js
www.youtube.com/s/player/c403842a/www-embed-player.vflset/ Frame 5A7C 		284 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f0fb9cee6dc37e103b890cd1efa3bf5ab17bc867e94a17a9100f3acac8c0312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 04:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
52164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89287
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 04:11:26 GMT
base.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame 5A7C 		2 MB
531 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6453f3dce1d26604b40467694b7ac73b78c304a7eaa67b4e85c1441b453e72f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
528667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
543860
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:49:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/c403842a/fetch-polyfill.vflset/ Frame 5A7C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 04:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
50065
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Jun 2023 04:46:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame EB1A 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7160aa52e513bd9135b507028252157a2968a5eeedad45cf58a264765a5a808
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EboTl76GlmjmGo1kXmaQ_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22472
content-security-policy
script-src 'report-sample' 'nonce-EboTl76GlmjmGo1kXmaQ_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:40:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A7C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
112965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 11:18:05 GMT
ymgJyp0v.jpeg
assets-jpcust.jwpsrv.com/watermarks/ Frame 0AC2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/watermarks/ymgJyp0v.jpeg
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a730f38443260d1b1b224875cd4f6a86ad420dab7c2175523a3fbf35eb5a76a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
450
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6283
x-served-by
cache-iad-kcgs7200021-IAD, cache-hhn4059-HHN
access-control-allow-origin
*
last-modified
Wed, 26 May 2021 23:49:26 GMT
server
nginx
x-timer
S1654108850.211541,VS0,VE92
etag
"57a0a36e84a78e1436747147b11b5301"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1
wRiwaQEN.srt
assets-jpcust.jwpsrv.com/tracks/ Frame 0AC2
Redirect Chain
  • https://content.jwplatform.com/tracks/wRiwaQEN.srt
  • https://assets-jpcust.jwpsrv.com/tracks/wRiwaQEN.srt
38 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/wRiwaQEN.srt
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ea59878e4976d8ca1c7307f343f18b22c588a33197554b5a9e4d97ee62c7486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
access-control-max-age
180
content-length
13696
x-served-by
cache-iad-kjyo7100064-IAD, cache-fra19125-FRA
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 21:22:28 GMT
server
nginx
x-timer
S1654108850.346996,VS0,VE95
etag
"bd2db87e0c57c48cf3e8999b0cf885b7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Wed, 01 Jun 2022 18:40:50 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
DUS51-P2
location
https://assets-jpcust.jwpsrv.com/tracks/wRiwaQEN.srt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
f-kIN11SOFej7FxSgEuKJCET8VwMK2dXcqan7FGU48vvbF6YQng3aw==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/polyfills.webvtt.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28282356c9a5c994698b1cf80faaa6d3b7c87609f81a5ea4a89965bcc825848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
1962338
x-cache
HIT
content-length
4401
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:34:52 GMT
server
AmazonS3
x-timer
S1654108850.214068,VS0,VE0
etag
"24de2f30b18c0c5732533ff917c34baa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
81709
XPQ6J5vk-120.vtt
assets-jpcust.jwpsrv.com/strips/ Frame 0AC2
Redirect Chain
  • https://content.jwplatform.com/strips/XPQ6J5vk-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/XPQ6J5vk-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/XPQ6J5vk-120.vtt
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d9e6f9810f200f2f084878132b625034067342cf072d98cb651d8da915e60c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
access-control-max-age
180
content-length
876
x-served-by
cache-iad-kiad7000132-IAD, cache-fra19125-FRA
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 13:45:04 GMT
server
nginx
x-timer
S1654108850.347725,VS0,VE96
etag
"ae8a91d41e54570772c93adcd9045be1"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Wed, 01 Jun 2022 18:40:50 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
DUS51-P2
location
https://assets-jpcust.jwpsrv.com/strips/XPQ6J5vk-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
content-length
166
x-amz-cf-id
gRlOutDpGFRC_S1NcQifOTI_Z_acYChthRLN73jUbF8oxQ0GmrvIQw==
related.js
ssl.p.jwpcdn.com/player/v/8.25.1/ Frame 0AC2 		107 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.25.1/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/XPQ6J5vk-YrbGYzGZ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6238da885f072c856560cc65bda22f94818c95e1af3c87190a97a3dcd9b172e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
age
3109168
x-cache
HIT
content-length
25213
via
1.1 varnish
x-served-by
cache-hhn4059-HHN
last-modified
Mon, 25 Apr 2022 19:34:56 GMT
server
AmazonS3
x-timer
S1654108850.249262,VS0,VE0
etag
"d2d4221270da2d411a70dcb1601f7a84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
772729
ping.gif
prd.jwpltx.com/v1/jwplayer6/ Frame 0AC2 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-249362022&e=e&n=2846401470547175&aid=ig7%2BQrJZEeuh6oayoV9PnA&amp=0&at=1&c=-1&ccp=0&cp=0&d=2&eb=0&ed=6&emi=s1fies1u76sy&i=1&id=XPQ6J5vk&lid=2blgu61utb8g&lsa=set&mt=0&pbd=1&pbr=1&pgi=q25m1f1u2dim&ph=3&pid=YrbGYzGZ&pii=0&pl=368&plc=1&pli=1gc9cr3hnp6h&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Fireside%20Chat%20with%20Drew%20Edwards%20of%20Ingo%20Money&pu=https%3A%2F%2Forbograph.com%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F%3Fpmc%3DFraud%26MyID%3Dhari.vunnava%2540ubs.com&pv=8.25.1&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Fireside%20Chat%20with%20Drew%20Edwards%20of%20Ingo%20Money&tv=3.39.0&vb=0&vi=0&vl=90&wd=654&ab=0&cae=0&cb=0&cdid=botr_XPQ6J5vk_YrbGYzGZ_div&cme=0&dd=1&flc=1&fv=&ga=1&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2FXPQ6J5vk.m3u8&pbc=1&pd=2&plng=en-US&plt=300&pni=0&po=0&pogt=Fireside%20Chat%20with%20Drew%20Edwards%20of%20Ingo%20Money&sp=0&st=630&sa=1654108849097
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4059-HHN
x-cache
MISS
x-cache-hits
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame EB1A 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:33:05 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame EB1A 		365 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 17:55:47 GMT
visit-data
in.hotjar.com/api/v2/client/sites/721117/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/721117/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
721117
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/721117?s=0.25&r=0.0076170749718667
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-129.dus51.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
-chh4RYedDZHoFwDy-o5_cn3tbxZ_yI94pQL5WMZIPGNqZFstLWIzw==
truncated
/ Frame EB1A 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EB1A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EB1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 19:40:09 GMT
x-content-type-options
nosniff
age
514841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 02 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB1A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
112965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 11:18:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5A7C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cfa39d4c5c23cc9d0093280cbc1b0894f2b37d749f9b687937ed238987ce78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Jun 2022 18:40:50 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5A7C 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:21 GMT
x-content-type-options
nosniff
age
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Jun 2022 18:55:21 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EB1A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib&co=aHR0cHM6Ly9vcmJvZ3JhcGguY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&cb=4nxf3vj4qsox
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 01 Jun 2022 18:40:50 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 01 Jun 2022 18:40:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5A7C 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76e8a921792be55f554f9f03422f140e093a78d39ad6fda6bd882cc003a2d33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29745
x-xss-protection
0
remote.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame 5A7C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6747849a02d58eb8fb6e057913fd8718f7350dbbdf24e60d2b17d6afe8d74e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
528667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37777
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:49:43 GMT
zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
www.google.com/js/th/ Frame 5A7C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zkn2XJXs9kfP2MQuCF5C6xKG5fA8wNFR23g3TMMQUJA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce49f65c95ecf647cfd8c42e085e42eb1286e5f03cc0d151db78374cc3105090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:46:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
6836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13752
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:46:54 GMT
embed.js
www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/ Frame 5A7C 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51328350fc58bb8debaa2d8e07e9cfc22fd34129ed07f51c71ed900d56638212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 15:52:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
528480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8042
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 26 May 2023 15:52:50 GMT
truncated
/ Frame 5A7C 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
AKedOLS0N72D1F1ZfzWwuQKWehdFS52zkNnrR10Nr2M=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5A7C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS0N72D1F1ZfzWwuQKWehdFS52zkNnrR10Nr2M=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6205ca1eb7dba9e6c56594b12fd896d7a5bcd44f1032631f6db9171998452526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:49 GMT
x-content-type-options
nosniff
age
1
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2125
x-xss-protection
0
server
fife
etag
"v8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Mar 2022 10:27:27 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/ilbMKK7yk9g/ Frame 5A7C 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ilbMKK7yk9g/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ilbMKK7yk9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddf238565b27233a406ce307985e576adc928a0d69fa60237e885daac3a380a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
x-content-type-options
nosniff
server
sffe
etag
"1650556192"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73908
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 01 Jun 2022 20:40:50 GMT
bframe
www.google.com/recaptcha/api2/ Frame D6AD 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5b85ff1a0cb11ba10c60b32de59975792522f65d38d818656d135b9f80dcbd7b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hiE_FAJetQ2Put38AmdF4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-hiE_FAJetQ2Put38AmdF4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 Jun 2022 18:40:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame D6AD 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:33:05 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame D6AD 		365 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Lft798ZAAAAAC0HNhyQyx5jp7L0fjW_9UksIWib
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:55:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 17:55:47 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5A7C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 18:40:50 GMT
generate_204
www.youtube.com/ Frame 5A7C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Yt5DRw
Requested by
Host: orbograph.com
URL: https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:40:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-MW2QRGX&cv=8&t=ol&s=h1&h=379&p=gtmo&o=4000&l=379&q=826&f=68&e=70&i=45&d=-507&c=-39&hc=0&sr=0.050000&ps=0.004411950825000233&cb=1880081414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://orbograph.com/paymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud/?pmc=Fraud&MyID=hari.vunnava%40ubs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Jun 2022 18:40:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/102/ Frame 5A7C 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/102/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15092
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 02 Jun 2022 17:02:25 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 01 Jun 2022 18:40:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5A7C 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7b729265d3744431edd258f6c4315173595c510c05e8c1430aaab34a8e217ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 01 Jun 2022 18:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 5A7C 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c403842a/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ilbMKK7yk9g
X-YouTube-Client-Version
1.20220525.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgsxSnpkLXo1TDROcyix5d6UBg%3D%3D
X-YouTube-Ad-Signals
dt=1654108849248&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C654%2C368&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 01 Jun 2022 18:40:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:40:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?EKTmyw
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=8VmN85K_8ZdTkSot&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Forbograph.com%2Fpaymentsjournal-checks-are-the-top-vehicle-for-commercial-payments-fraud%2F%3Fpmc%3DFraud%26MyID%3Dhari.vunnava%2540ub&lact=553&cl=450991360&mos=0&volume=100&cbr=Chrome&cbrver=102.0.5005.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220525.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=55&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24167177%2C24169501%2C24209325%2C24217472&muted=0&docid=ilbMKK7yk9g
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation undefined| $ function| jQuery object| seoAutomatedLinkBuilding function| EvEmitter function| imagesLoaded function| loadCSS object| dataLayer function| hj object| _hjSettings function| setCookie function| getCookie function| checkCookie number| DID string| MyID string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| bowser object| UABBTrigger object| FLBuilderLayout function| FLBuilderVideo object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _satellite boolean| __satelliteLoaded object| google_tag_manager string| GoogleAnalyticsObject function| ga object| kickfireGTM object| google_optimize object| google_tag_data function| Cookies function| UABBModalPopup function| UABBCreativeMenu object| FLThemeBuilderHeaderLayout function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| addComment object| themeopts object| FLTheme object| frm_js object| gaplugins object| gaGlobal object| gaData function| VSCapture function| VSLT undefined| pagename undefined| MyPageName undefined| MySearch object| sniffer object| frmFrontForm function| frmFrontFormJS function| frmRecaptcha function| frmAfterRecaptcha function| frmUpdateField function| frmDeleteEntry function| frmOnSubmit function| frm_resend_email function| frmProFormJS object| frmProForm function| Dropzone function| default object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| $this object| $node_module object| $popup_id object| popup_wrap string| modal_popup string| node string| iphone string| ipod object| $li boolean| keepOpen6 boolean| keepOpen5 boolean| keepOpen4 boolean| keepOpen3 boolean| keepOpen2 boolean| keepOpen1 boolean| ipad object| recaptcha object| closure_lm_278670

12 Cookies

Domain/Path Name / Value
orbograph.com/ Name: MyID
Value: hari.vunnava@ubs.com
.youtube.com/ Name: YSC
Value: tCIY5amN2rQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1Jzd-z5L4Ns
orbograph.com/ Name: kickfire_api_session_cookie
Value: 1
.orbograph.com/ Name: _ga
Value: GA1.2.1797431064.1654108848
.orbograph.com/ Name: _gid
Value: GA1.2.1126246270.1654108848
.orbograph.com/ Name: _gat_UA-93645701-1
Value: 1
.orbograph.com/ Name: _hjSessionUser_721117
Value: eyJpZCI6ImZmMWYyYzIwLWE4OTUtNWM5OC04NGFjLTQwNDI5YjFkMzExMyIsImNyZWF0ZWQiOjE2NTQxMDg4NDc5MzEsImV4aXN0aW5nIjpmYWxzZX0=
.orbograph.com/ Name: _hjFirstSeen
Value: 1
orbograph.com/ Name: _hjIncludedInPageviewSample
Value: 1
.orbograph.com/ Name: _hjSession_721117
Value: eyJpZCI6IjA3OTI4ZTI0LTkyYjYtNDQ1OC1iZTgxLTE4ZDViMGU4M2ZkZiIsImNyZWF0ZWQiOjE2NTQxMDg4NDkxNDMsImluU2FtcGxlIjp0cnVlfQ==
.orbograph.com/ Name: _hjAbsoluteSessionInProgress
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://api.kickfire.com/v2/company:(all)?ip=UErd74ulGrSMcg%3D%3D&key=ba7675b073d51fab
Message:
Failed to load resource: the server responded with a status of 429 (Too Many Requests)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kickfire.com
assets-jpcust.jwpsrv.com
assets.adobedtm.com
content.jwplatform.com
content.orbograph.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
jnn-pa.googleapis.com
orbograph.com
prd.jwpltx.com
script.hotjar.com
ssl.p.jwpcdn.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
stats.sa-as.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.gstatic.com
www.youtube.com
108.157.4.129
151.101.130.159
18.66.139.117
18.66.139.80
209.128.119.150
209.128.92.239
2600:9000:2315:4e00:1:a3fa:7cc0:93a1
2a00:1450:4001:803::2006
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2016
2a00:1450:4001:812::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:591::1e80
2a04:4e42:600::626
2a04:4e42::626
3.92.120.28
52.222.236.122
54.74.116.255
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
090ff2d0ae36e48705755a4fdd4fa2d5fe697d2ccb549877f3e595bf198acfc1
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0d5dc1106e16a525f3916c1766c5585f28aab6b51b345071c91e98d6ad94ea2d
0f0fb9cee6dc37e103b890cd1efa3bf5ab17bc867e94a17a9100f3acac8c0312
0f68a5c39ee4c0cb83c52227944687e32b13726dbeb369083593bb1916b9c2f7
15d18ebb2a2d3652f373af6d8f21610f76ea2f4d67943fc13bc5f826b2385380
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
19cfdda48f963f58f620cd6cae53ffeb759feeb7a310ffc4653e939ac9529b5b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c831cd9d7b07245dc92db1412e0fce7ed3f3f15d81c4f8e37405a4e11de0347
1ca0fb181d2ed8aee92877a5c38b01dc3ce42b9b8123d6dec8667068f6d9d779
29889d39e7d8a2bb214018a3f05a8209e4e95f418b70d860af6ed85cd2941fbe
2cabb172719c507c74a377112eee344baab7b522fdcb5a90f516b076589a6e13
2cfa39d4c5c23cc9d0093280cbc1b0894f2b37d749f9b687937ed238987ce78c
2f7e36b02f57be444dc0ac36f25d02e7912bea88166352fc9bc6697463c3a38e
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
40424063eaa90028607300fa3406e9b78b9244f209bdbfb5c76a4399d16421f4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
4ef6f1dbb1da1522a022de61dd700fd4aaad8b3ede96f48247d790377a81568f
51328350fc58bb8debaa2d8e07e9cfc22fd34129ed07f51c71ed900d56638212
56c9a55f044072d845e3048acb3ecd6139b891b4999e9a9dd7f9ccc35717b0f4
5b1113a99861b84705cae70726c1c418c3ec580a809568820b76449496b28c57
5b85ff1a0cb11ba10c60b32de59975792522f65d38d818656d135b9f80dcbd7b
5e2fff0854622547e065695c6ad99695f120ef939c8d0709d3a3e328a1a95015
6205ca1eb7dba9e6c56594b12fd896d7a5bcd44f1032631f6db9171998452526
6238da885f072c856560cc65bda22f94818c95e1af3c87190a97a3dcd9b172e7
6453f3dce1d26604b40467694b7ac73b78c304a7eaa67b4e85c1441b453e72f1
647cf0b42e5bc462ebf0a6d8d09c5935eb523917b2c1ccc21b4ce72a8597b213
6747849a02d58eb8fb6e057913fd8718f7350dbbdf24e60d2b17d6afe8d74e60
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e7bf668f5b0ced020c0e9fefe1da9fb6b32eba15414fb72a1a760dcd168fa56
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
76e8a921792be55f554f9f03422f140e093a78d39ad6fda6bd882cc003a2d33d
7eb0d21ad8b5f6db08f3b4ae96aa3e92a7923fe25b8da9cca40cecd9474725d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8abb083a257283bbd88d9996d0dc557487a4866ea05591343e48885148f7ddfb
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
92c87807cd3aea4e8fbad9288fe66b7ca4c7c6355af33d503f6e87c85e73bbd2
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98918024d30317cf0ce328aecf8b55fedab94b6d0d85123d8b2b526b23612290
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9ea59878e4976d8ca1c7307f343f18b22c588a33197554b5a9e4d97ee62c7486
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a730f38443260d1b1b224875cd4f6a86ad420dab7c2175523a3fbf35eb5a76a6
a7fa4eedfb41ae4f539d0e1d72da076706714988aedf926a934f7b58d172e68d
ae9cb3d5cd115601108624cfe32c87b4fb3ea7c306e8116521ccdb6775df07ec
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b48c3484dca153a689cdb6e4a1276dc85a5503092be036b8bdcbcd1506f45315
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
bc2379066198fea049bbab6301a3fd97beed29f1ed9684755341dcc72c364577
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c28282356c9a5c994698b1cf80faaa6d3b7c87609f81a5ea4a89965bcc825848
c28eb8900abce3c478234e62390838556d839c10b7073b2ba42bcbae20d6e2fc
c7160aa52e513bd9135b507028252157a2968a5eeedad45cf58a264765a5a808
c8208faba31cabb7ea3da9c8ba107f434e5c133a9bbc4071e7d040573fd4ad73
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cddf238565b27233a406ce307985e576adc928a0d69fa60237e885daac3a380a
ce49f65c95ecf647cfd8c42e085e42eb1286e5f03cc0d151db78374cc3105090
cfa7a03558006522a62cff68598a23b5df942a302f5d562ea8a1757465314e40
d3b2f660b434b8f2c4c187adfe0f0b6ab4ebffdd99da232e6900112311d66798
d7b729265d3744431edd258f6c4315173595c510c05e8c1430aaab34a8e217ad
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dffa6a00156271ebf928a98f0865ed70249a4599904146e8c39b6c8c32352f1e
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910
e214a7a3bbb46c0b1dd63e3d8b7c047410cc28cbc9b9d67e020761db2b3e47d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fc9c551e8bfbbbea6df414d4eb5c6cc7c91ea2a9d89a5052c93ea6ecd255f3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3f15c5cb8713cfca230a36b2eed13566bf8cf35286b8b1f5c33d45af5bf3dd
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1d9e6f9810f200f2f084878132b625034067342cf072d98cb651d8da915e60c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9fbeaf40d2ffc26488be92110e35c3714a07273c7bc4d79f54c22017254991a
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
fe25388a9811bb06d7f0c6a1019078a9e7d688b629dca6954d99d52fb093dde7
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869