www.westcoastescrow.com Open in urlscan Pro
198.175.44.150 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ow.ly/uyjV50PQRIc
Effective URL:
https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire...
Submission: On November 01 via manual (November 1st 2023, 3:41:04 pm UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 62 HTTP transactions. The main IP is 198.175.44.150, located in United States and belongs to REALOGY-DDC, US. The main domain is www.westcoastescrow.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 18th 2023. Valid for: a year.

This is the only time www.westcoastescrow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.208.145.194 44.208.145.194	14618 (AMAZON-AES) (AMAZON-AES)
31	198.175.44.150 198.175.44.150	54053 (REALOGY-DDC) (REALOGY-DDC)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	20.225.15.113 20.225.15.113	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:9a56:ad25:21d5:260a	16509 (AMAZON-02) (AMAZON-02)
62	11

1 44.208.145.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-145-194.compute-1.amazonaws.com

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 198.175.44.150 (United States)

ASN54053 (REALOGY-DDC, US)

www.westcoastescrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.225.15.113 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mobile.trgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:9a56:ad25:21d5:260a (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	westcoastescrow.com www.westcoastescrow.com	3 MB
9	userway.org cdn.userway.org — Cisco Umbrella Rank: 4291 api.userway.org — Cisco Umbrella Rank: 4209 Failed	98 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	309 KB
2	gstatic.com fonts.gstatic.com	65 KB
2	trgc.com mobile.trgc.com	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	354 B
1	ow.ly 1 redirects ow.ly — Cisco Umbrella Rank: 93426	274 B
0	google.de Failed www.google.de Failed
0	google.com Failed www.google.com Failed
62	11

	Domain	Requested by
31	www.westcoastescrow.com	www.westcoastescrow.com
8	cdn.userway.org	www.westcoastescrow.com cdn.userway.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.westcoastescrow.com www.googletagmanager.com
3	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mobile.trgc.com	www.westcoastescrow.com
2	fonts.googleapis.com	www.westcoastescrow.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.userway.org	cdn.userway.org
1	ow.ly	1 redirects
0	www.google.de Failed
0	www.google.com Failed
62	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
www.instagram.com
4czmag5bvi4.typeform.com
bec.ic3.gov
realogy.sharepoint.com

Subject Issuer	Validity	Valid
westcoastescrow.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-10-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.trgc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-12-18`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
Frame ID: AAAB92900BB15CA41A669684DAFF6282
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Preventing Wire Fraud

Page URL History Show full URLs

https://ow.ly/uyjV50PQRIc HTTP 301
https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud Page URL
https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebo... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

62
Requests

94 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

3687 kB
Transfer

4760 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/WestCoastEscrow/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/west-coast-escrow

Search URL Search Domain Scan URL

URL: http://www.instagram.com/westcoastescrow

Search URL Search Domain Scan URL

URL: https://4czmag5bvi4.typeform.com/WCE-Quiz?utm_medium=quiz&utm_source=websites&utm_campaign=wire-fraud-23
Title: TAKE THE QUIZ

Search URL Search Domain Scan URL

URL: https://bec.ic3.gov/
Title: Click here to file a complaint with the FBI’s official Internet Crime Complaint Center.

Search URL Search Domain Scan URL

URL: https://realogy.sharepoint.com/sites/TestHRLegal/SitePages/Insurance-Certifications.aspx?Region=Los%20Angeles%20County
Title: LEGALOpens in a new tab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ow.ly/uyjV50PQRIc HTTP 301
https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud Page URL
https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ow.ly/uyjV50PQRIc HTTP 301
https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

wire-fraud Show response
www.westcoastescrow.com/
Redirect Chain

https://ow.ly/uyjV50PQRIc
https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

47 KB
47 KB

932ms
445ms

Document
text/html

198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

832cb7057a7d8a8ac4e45626e4d23ec8132342db22325a4e1346e765926ce2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 47959
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Nov 2023 15:40:54 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN

Redirect headers

content-length: 0
date: Wed, 01 Nov 2023 15:40:54 GMT
location: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
928 B 83ms
33ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,700,900&display=swap

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adde718d63e9399a1f494babb23afa41e7b8e13dbeef1a32123fc98736a78681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:40:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:40:55 GMT

GET
H/1.1 200
OK bundle
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/ 400 KB
401 KB 301ms
157ms Stylesheet
text/css 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

82fd59ead7b3ce376a05bf7fa1bf8ac9fda8665181a52b6f769c16c1d344aab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 01 Nov 2023 15:40:55 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 410020
Expires: Thu, 31 Oct 2024 15:40:55 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd
www.westcoastescrow.com/ 2 KB
2 KB 442ms
153ms Stylesheet
text/css 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nLSVBfSDfFhzQzWlTr5F0LcoQ0mJv3EYYxedhiPqHRHCi07flgmEyJW9uR6tn1sDtmJefMMkmCR3C8mrzehbpkPtGaWy0&t=638227109199744065&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d14.4.8100.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3aca651bf7-ab52-4d0b-838f-dc7a536af758%3a7a90d6a

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

3ceb845596cd0b2142d50f3144ded925563816a3787579266f81384c6f8cc6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 17 Jan 2023 00:00:00 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 2144
Expires: Thu, 31 Oct 2024 15:40:55 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.westcoastescrow.com/ 23 KB
23 KB 438ms
148ms Script
application/x-javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDLKpyie61fXtvO3mG44yOYwr0wuJCxO2FuCmyrrhRU6QSqPzw2&t=638259218771233176

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 26 Jul 2023 02:44:37 GMT
X-Frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 23063
Expires: Thu, 31 Oct 2024 08:11:57 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.westcoastescrow.com/ 140 KB
141 KB 453ms
159ms Script
application/x-javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl04_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3a74e2d6b4-8086-4964-ae5a-39250647f25e%3aea597d4b%3ab25378d2

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

f038dc5d3108d5cd4ec3986b594b7eb6157eef50a00a05b0515ed53c16fbc8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:55 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 17 Jan 2023 00:00:00 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 143794
Expires: Thu, 31 Oct 2024 15:40:55 GMT

GET
H/1.1 200
OK ajax-loading.gif
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 4 KB
4 KB 457ms
160ms Image
image/gif 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ajax-loading.gif

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

a01f924c1c6e0d3c256ffbb4ab7aad1d58cf271b60acfa383088a9d9ddecafa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "42c2205057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 3951

GET
H/1.1 200
OK wce2022a.png
www.westcoastescrow.com/images/default-source/default-album/west-coast-escrow/ 4 KB
5 KB 474ms
166ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/west-coast-escrow/wce2022a.png?sfvrsn=401d9c9d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

5ca16ef1dfe956d6aeb1b1ccfd087fec31bc7e0b283ea10ac09f0435831bb7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:55 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=wce2022a.png
Accept-Ranges: bytes
Content-Length: 4348
Expires: -1

GET
H/1.1 200
OK wirefraud2023.jpg
www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/ 273 KB
274 KB 160ms
159ms Image
image/jpeg 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/wirefraud2023.jpg?sfvrsn=46c1979d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

bdb11742001e696bcbf59b02fe1aa1b3e2f2549115e363aecbbd9795b215e385

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=wirefraud2023.jpg
Accept-Ranges: bytes
Content-Length: 280012
Expires: -1

GET
H/1.1 200
OK cybermonth.jpg
www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/ 112 KB
113 KB 160ms
160ms Image
image/jpeg 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/cybermonth.jpg?sfvrsn=5bc6979d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

c77276e8b330cb0362c41628560c0f67d5d877437b99a78ebc1815a1a79c4bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=cybermonth.jpg
Accept-Ranges: bytes
Content-Length: 114907
Expires: -1

GET
H/1.1 200
OK bundle
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/ 563 KB
564 KB 168ms
168ms Script
text/javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/bundle?v=fCuNSK8KsJFlzrZICeVrqqQkcfDjdbuAXn1DbmrmJfA1

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:55 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 01 Nov 2023 15:40:55 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 576995
Expires: Thu, 31 Oct 2024 15:40:55 GMT

GET
H/1.1 200
OK titlesnap.js Show response
mobile.trgc.com/powersnap/JavaScriptPackage/ 3 KB
2 KB 654ms
164ms Script
application/javascript 20.225.15.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mobile.trgc.com/powersnap/JavaScriptPackage/titlesnap.js?v=3eab118e-1283-4103-ab3d-a91925f41c53

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.225.15.113 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4622804f93244b64a3104b14a59a09f33411e50ccf85cfffa729a4864b85d633

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 13 Oct 2023 03:08:57 GMT
Server: Microsoft-IIS/10.0
ETag: "1d9fd829adea091"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:3b10ded6-1a26-46cf-a85c-6786ca5cfece

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 90ms
31ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:55 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1722
x-amz-cf-pop: FRA60-P3
age: 123
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698851533
x-77-nzt: ApySIYg3Nzf/ugYAANRmOJw3NzfR
x-accel-expires: @1698855133
x-77-age: 1722
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:14 GMT
server: CDN77-Turbo
etag: W/"f838acf852e46c1ddeb80db6be8f9222"
x-77-nzt-ray: f6587a1d4da0628b87714265c1b21d13
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ISAyPuOFdwUuZGxEHo5W3j-GceJYWKgVZjUJ2yQ1-J7d7tYgnh1tFA==

GET
H/1.1 200
OK search-icon.png
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 4 KB
4 KB 159ms
159ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/search-icon.png

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

39e5db5ae09cb26c27012faa8dfda0b2b71831cc38b749ed25cdd4f1dda3352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:55 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "74ae2c5057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 3723

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
33 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westcoastescrow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 507941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:35:15 GMT

GET
H2 200 widget_app_base_1698417958350.js
cdn.userway.org/widgetapp/2023-10-27-14-45-58/ 135 KB
40 KB 79ms
38ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://www.westcoastescrow.com/
Origin: https://www.westcoastescrow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:56 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 434964
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418292
x-77-nzt: ApySIYg3Nzf/FKMGANRmOJw3Nzf/dwAAAA
x-accel-expires: @1724338173
x-77-age: 435083
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:08 GMT
server: CDN77-Turbo
etag: W/"290bc5ab4df6122b860aadf459246740"
x-77-nzt-ray: f6587a1d699ee2b48871426559c3ab2c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: jM5j8T3KkD5LaunhbuhLMaRUGZvkHai63mVTeonvCNwSCJRIsNDtXA==

GET
H/1.1 200
OK Primary Request wire-fraud Show response
www.westcoastescrow.com/ 47 KB
47 KB 399ms
399ms Document
text/html 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/bundle?v=fCuNSK8KsJFlzrZICeVrqqQkcfDjdbuAXn1DbmrmJfA1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

27836a9fbc65458b432c410844c112b77e88346e443a750790560b6e260ef2be

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 47989
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Nov 2023 15:40:56 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN

GET
H/1.1 200
OK wirefraud2023.jpg
www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/ 241 KB
0 168ms
168ms Image
image/jpeg 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/wirefraud2023.jpg?sfvrsn=46c1979d_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=wirefraud2023.jpg
Accept-Ranges: bytes
Content-Length: 280012
Expires: -1

GET
H2 200 gtm.js
www.googletagmanager.com/ 197 KB
71 KB 93ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/bundle?v=fCuNSK8KsJFlzrZICeVrqqQkcfDjdbuAXn1DbmrmJfA1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:40:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72264
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 15:40:56 GMT

GET
H/1.1 200
OK facebook.png
www.westcoastescrow.com/images/default-source/default-album/Social-Media/ 1 KB
2 KB 158ms
157ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/Social-Media/facebook.png?sfvrsn=a6efdd9d_2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=facebook.png
Accept-Ranges: bytes
Content-Length: 1505
Expires: -1

GET
H/1.1 200
OK linkedin.png
www.westcoastescrow.com/images/default-source/default-album/Social-Media/ 2 KB
2 KB 158ms
158ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/Social-Media/linkedin.png?sfvrsn=9decdd9d_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=linkedin.png
Accept-Ranges: bytes
Content-Length: 1583
Expires: -1

GET
H/1.1 200
OK instagrama4dbd1072e9d6e4b885aff1900ecfed1.png
www.westcoastescrow.com/images/default-source/default-album/ 2 KB
2 KB 161ms
160ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/instagrama4dbd1072e9d6e4b885aff1900ecfed1.png?sfvrsn=4c46bf9d_0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=instagrama4dbd1072e9d6e4b885aff1900ecfed1.png
Accept-Ranges: bytes
Content-Length: 1566
Expires: -1

GET
H/1.1 200
OK homeicon.png
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 543 B
897 B 155ms
154ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/homeicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "7ce9275057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 543

POST BFXX4RzZi3
api.userway.org/api/tunings/ 0
0

GET
H2 200 js
www.googletagmanager.com/gtag/ 243 KB
84 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T280NSJM88&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:40:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 15:40:56 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6674
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 15:49:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 83ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T280NSJM88&gtm=45je3au1v888010844z8863258157&_p=528113934&gcd=11l1l1l1l1&cid=652486893.1698853257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698853256&sct=1&seg=0&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dt=Preventing%20Wire%20Fraud&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T280NSJM88&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:40:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 4 B
214 B 29ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=528113934&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&ul=en-us&de=UTF-8&dt=Preventing%20Wire%20Fraud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=46472226&gjid=2077778152&cid=652486893.1698853257&tid=UA-85499901-13&_gid=127364594.1698853257&_r=1&_slc=1&gtm=45He3au1n81MX5PQPPv863258157&gcd=11l1l1l1l1&z=1466058302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westcoastescrow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:40:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
354 B 89ms
32ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85499901-13&cid=652486893.1698853257&jid=46472226&gjid=2077778152&_gid=127364594.1698853257&_u=YADAAEAAAAAAACAAI~&z=1684927802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westcoastescrow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Nov 2023 15:40:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET ga-audiences
www.google.de/ads/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
615 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,700,900&display=swap

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adde718d63e9399a1f494babb23afa41e7b8e13dbeef1a32123fc98736a78681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 15:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:40:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 15:40:57 GMT

GET
H/1.1 200
OK bundle
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/ 400 KB
401 KB 156ms
154ms Stylesheet
text/css 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

82fd59ead7b3ce376a05bf7fa1bf8ac9fda8665181a52b6f769c16c1d344aab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 01 Nov 2023 15:40:57 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 410020
Expires: Thu, 31 Oct 2024 15:40:57 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd
www.westcoastescrow.com/ 2 KB
2 KB 159ms
157ms Stylesheet
text/css 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

3ceb845596cd0b2142d50f3144ded925563816a3787579266f81384c6f8cc6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 17 Jan 2023 00:00:00 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 2144
Expires: Thu, 31 Oct 2024 15:40:57 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.westcoastescrow.com/ 23 KB
23 KB 153ms
152ms Script
application/x-javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDLKpyie61fXtvO3mG44yOYwr0wuJCxO2FuCmyrrhRU6QSqPzw2&t=638259218771233176

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 26 Jul 2023 02:44:37 GMT
X-Frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 23063
Expires: Thu, 31 Oct 2024 08:11:57 GMT

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.westcoastescrow.com/ 140 KB
141 KB 165ms
163ms Script
application/x-javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

f038dc5d3108d5cd4ec3986b594b7eb6157eef50a00a05b0515ed53c16fbc8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 17 Jan 2023 00:00:00 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 143794
Expires: Thu, 31 Oct 2024 15:40:57 GMT

GET
H/1.1 200
OK ajax-loading.gif
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 4 KB
4 KB 286ms
148ms Image
image/gif 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ajax-loading.gif

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

a01f924c1c6e0d3c256ffbb4ab7aad1d58cf271b60acfa383088a9d9ddecafa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "42c2205057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 3951

GET
H/1.1 200
OK wce2022a.png
www.westcoastescrow.com/images/default-source/default-album/west-coast-escrow/ 4 KB
5 KB 310ms
156ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/west-coast-escrow/wce2022a.png?sfvrsn=401d9c9d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

5ca16ef1dfe956d6aeb1b1ccfd087fec31bc7e0b283ea10ac09f0435831bb7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=wce2022a.png
Accept-Ranges: bytes
Content-Length: 4348
Expires: -1

GET
H/1.1 200
OK wirefraud2023.jpg
www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/ 273 KB
274 KB 163ms
158ms Image
image/jpeg 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/wirefraud2023.jpg?sfvrsn=46c1979d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

bdb11742001e696bcbf59b02fe1aa1b3e2f2549115e363aecbbd9795b215e385

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=wirefraud2023.jpg
Accept-Ranges: bytes
Content-Length: 280012
Expires: -1

GET
H/1.1 200
OK cybermonth.jpg
www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/ 112 KB
113 KB 278ms
152ms Image
image/jpeg 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/guardiantitleagency/cybermonth.jpg?sfvrsn=5bc6979d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

c77276e8b330cb0362c41628560c0f67d5d877437b99a78ebc1815a1a79c4bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=cybermonth.jpg
Accept-Ranges: bytes
Content-Length: 114907
Expires: -1

GET
H/1.1 200
OK bundle Show response
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/ 563 KB
564 KB 150ms
149ms Script
text/javascript 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/bundle?v=fCuNSK8KsJFlzrZICeVrqqQkcfDjdbuAXn1DbmrmJfA1

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

3b24170f3a7739854b2de765ddc4b5bd1bddf43f4931b861a4fe8ebaefb852f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 01 Nov 2023 15:40:57 GMT
Vary: User-Agent
X-Frame-options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Length: 576995
Expires: Thu, 31 Oct 2024 15:40:57 GMT

GET
H/1.1 200
OK titlesnap.js Show response
mobile.trgc.com/powersnap/JavaScriptPackage/ 3 KB
2 KB 150ms
150ms Script
application/javascript 20.225.15.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mobile.trgc.com/powersnap/JavaScriptPackage/titlesnap.js?v=e78ec818-bfee-459c-acc0-f164c97ac045

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.225.15.113 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4622804f93244b64a3104b14a59a09f33411e50ccf85cfffa729a4864b85d633

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:56 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 13 Oct 2023 03:08:57 GMT
Server: Microsoft-IIS/10.0
ETag: "1d9fd829adea091"
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Request-Context: appId=cid-v1:3b10ded6-1a26-46cf-a85c-6786ca5cfece

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 20ms
20ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:57 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1724
x-amz-cf-pop: FRA60-P3
age: 123
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698851533
x-77-nzt: ApySIYg3Nzf/vAYAANRmOJw3NzfR
x-accel-expires: @1698855133
x-77-age: 1724
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:14 GMT
server: CDN77-Turbo
etag: W/"f838acf852e46c1ddeb80db6be8f9222"
x-77-nzt-ray: f6587a1d4da0628b89714265627abe11
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ISAyPuOFdwUuZGxEHo5W3j-GceJYWKgVZjUJ2yQ1-J7d7tYgnh1tFA==

GET
H/1.1 200
OK search-icon.png
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 4 KB
4 KB 154ms
153ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/search-icon.png

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

39e5db5ae09cb26c27012faa8dfda0b2b71831cc38b749ed25cdd4f1dda3352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/css/bundle?v=8VlGEywxghTLzJaVSppDDFV6pWPE_Iuj9MhfGFtEVow1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "74ae2c5057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 3723

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
32 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westcoastescrow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:35:15 GMT
x-content-type-options: nosniff
age: 507942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:35:15 GMT

GET
H2 200 widget_app_base_1698417958350.js Show response
cdn.userway.org/widgetapp/2023-10-27-14-45-58/ 135 KB
40 KB 24ms
24ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 60069686a475f49fb896a179b9c08da46081803b26ed3676bf0b9e5daf80a3c9

Request headers

Referer: https://www.westcoastescrow.com/
Origin: https://www.westcoastescrow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:58 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 434966
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418292
x-77-nzt: ApySIYg3Nzf/FqMGANRmOJw3Nzf/dwAAAA
x-accel-expires: @1724338173
x-77-age: 435085
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:08 GMT
server: CDN77-Turbo
etag: W/"290bc5ab4df6122b860aadf459246740"
x-77-nzt-ray: f6587a1d699ee2b48a714265b98fe10c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: jM5j8T3KkD5LaunhbuhLMaRUGZvkHai63mVTeonvCNwSCJRIsNDtXA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
71 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/js/bundle?v=fCuNSK8KsJFlzrZICeVrqqQkcfDjdbuAXn1DbmrmJfA1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

166fb4f34cf23d8e2c43c81039696b81fd4a6055bf44bfbcb7effa3c5a11a17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:40:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72264
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 15:40:58 GMT

GET
H/1.1 200
OK facebook.png
www.westcoastescrow.com/images/default-source/default-album/Social-Media/ 1 KB
2 KB 155ms
154ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/Social-Media/facebook.png?sfvrsn=a6efdd9d_2

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

ee0e57a6e32f0c44b36fb16e86333aa0c4472322985fb46ed84b38d148f5d508

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=facebook.png
Accept-Ranges: bytes
Content-Length: 1505
Expires: -1

GET
H/1.1 200
OK linkedin.png
www.westcoastescrow.com/images/default-source/default-album/Social-Media/ 2 KB
2 KB 153ms
152ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/Social-Media/linkedin.png?sfvrsn=9decdd9d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

3c7e98fc9f0e620a11dd08662b2230ab1674d6a5008cb428ce954c2df85ea864

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=linkedin.png
Accept-Ranges: bytes
Content-Length: 1583
Expires: -1

GET
H/1.1 200
OK instagrama4dbd1072e9d6e4b885aff1900ecfed1.png
www.westcoastescrow.com/images/default-source/default-album/ 2 KB
2 KB 162ms
161ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/images/default-source/default-album/instagrama4dbd1072e9d6e4b885aff1900ecfed1.png?sfvrsn=4c46bf9d_0

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

ac33332869f74d1ea91e771b5d777b87801bf40920ac23ef928e8acb765dfdf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Nov 2023 15:40:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Disposition: inline; filename=instagrama4dbd1072e9d6e4b885aff1900ecfed1.png
Accept-Ranges: bytes
Content-Length: 1566
Expires: -1

GET
H/1.1 200
OK homeicon.png
www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/ 543 B
897 B 158ms
157ms Image
image/png 198.175.44.150
REALOGY-DDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westcoastescrow.com/ResourcePackages/Bootstrap/assets/MetroPortal/Shared/images/homeicon.png

Requested by

Host: www.westcoastescrow.com
URL: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.175.44.150 , United States, ASN54053 (REALOGY-DDC, US),

Reverse DNS

Software

Resource Hash

ceced164b61d897c532c97ce43404b8176efed1543fdc9c6f413f04b4fd09df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/wire-fraud?Region=Los%20Angeles%20County&utm_medium=social&utm_source=facebook&utm_campaign=wire_fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 15:40:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Fri, 06 Oct 2023 13:16:27 GMT
ETag: "7ce9275057f8d91:0"
X-Frame-options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 543

POST
H2 200 BFXX4RzZi3 Show response
api.userway.org/api/tunings/ 508 B
893 B 179ms
178ms XHR
application/json 2600:1f14:5db:eb11:9a56:ad25:21d5:260a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/BFXX4RzZi3
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:9a56:ad25:21d5:260a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 327752bc52d050bf9f5d8ea4930bbb18c6ffad1513cf45960ca0274ff7219547

Request headers

Referer: https://www.westcoastescrow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Nov 2023 15:40:58 GMT
etag: W/"1fc-Gdl2T0kYA7fBGKCSiaW0luwtZtA"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr053c43a732ae416
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 508
x-service-version: uw-pr

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T280NSJM88&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3c59103379acf69e68907692fa282acb9ec010734c79fa2c811c93bd428e5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:40:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 15:40:58 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX5PQPP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 15:49:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 28ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1147591429&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3FRegion%3DLos%2520Angeles%2520County%26utm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&ul=en-us&de=UTF-8&dt=Preventing%20Wire%20Fraud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=652486893.1698853257&tid=UA-85499901-13&_gid=127364594.1698853257&_slc=1&gtm=45He3au1n81MX5PQPPv863258157&gcd=11l1l1l1l1&z=2017347571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westcoastescrow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:40:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T280NSJM88&gtm=45je3au1v888010844z8863258157&_p=1147591429&gcd=11l1l1l1l1&cid=652486893.1698853257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698853256&sct=1&seg=1&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3FRegion%3DLos%2520Angeles%2520County%26utm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dr=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dt=Preventing%20Wire%20Fraud&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T280NSJM88&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:40:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-10-27-14-45-58/locales/ 500 B
961 B 25ms
25ms XHR
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:58 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 434966
x-amz-cf-pop: FRA60-P3
age: 25
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418292
x-77-nzt: ApySIYg3Nzf/FqMGANRmOJw3Nzf/WgAAAA
x-accel-expires: @1724338202
x-77-age: 435056
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:08 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: f6587a1d699ee2b48a714265de4a491a
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: Bklh99sss1qBAJOI2bsIwQ7Pd7Jn-yMk_WhhzYFxJ6grJ1b08d3VKQ==

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 24 KB
10 KB 22ms
22ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1698417958350
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21899b7e56ddedfb9912a82c4c90777c26b0d317c376906c83ed4587b79a75b7

Request headers

Referer: https://www.westcoastescrow.com/
Origin: https://www.westcoastescrow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:58 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 434962
x-amz-cf-pop: FRA60-P3
age: 3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418296
x-77-nzt: ApySIYg3Nzf/EqMGANRmOAk3Nzf/eQAAAA
x-accel-expires: @1724338175
x-77-age: 435083
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:13 GMT
server: CDN77-Turbo
etag: W/"c1e623cfd72c97e87b52746265700b42"
x-77-nzt-ray: f6587a1d699ee2b48a7142655bf7d937
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: dvvGhBpgRivjQ6vQ37YGpuOqVvOiVm58OTcF9zlZnyk0R8z7feuLCA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 20ms
20ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:58 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 12034443
x-amz-cf-pop: DUS51-P1
age: 260
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818815
x-77-nzt: AZySIYg3Nzf/i6G3AA
x-accel-expires: @1712738815
x-77-age: 12034443
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: f6587a1d4da0628b8a7142655fbebc38
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: Q_qq-aornxmlKWa53pZ-FDmmHstWL1zFeSN9QLitA0u0FvwFCV6Uzg==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 01 Nov 2023 15:40:58 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 12034443
x-amz-cf-pop: DUS51-P1
age: 260
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818815
x-77-nzt: AZySIYg3Nzf/i6G3AA
x-accel-expires: @1712738815
x-77-age: 12034443
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: f6587a1d4da0628b8a7142650026c738
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: Nfkl6yag52yMJfbsnFD2wFGwvgvGHp9S8ODvhRfCid2Yo_3CLIfAEA==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 29ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T280NSJM88&gtm=45je3au1v888010844&_p=1147591429&gcd=11l1l1l1l1&cid=652486893.1698853257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698853256&sct=1&seg=1&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3FRegion%3DLos%2520Angeles%2520County%26utm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dr=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dt=Preventing%20Wire%20Fraud&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T280NSJM88&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.westcoastescrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 15:41:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westcoastescrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.userway.org
URL: https://api.userway.org/api/tunings/BFXX4RzZi3

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85499901-13&cid=652486893.1698853257&jid=46472226&_u=YADAAEAAAAAAACAAI~&z=1979446996

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85499901-13&cid=652486893.1698853257&jid=46472226&_u=YADAAEAAAAAAACAAI~&z=1979446996

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T280NSJM88&gtm=45je3au1v888010844&_p=528113934&gcd=11l1l1l1l1&cid=652486893.1698853257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698853256&sct=1&seg=0&dl=https%3A%2F%2Fwww.westcoastescrow.com%2Fwire-fraud%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Dwire_fraud&dt=Preventing%20Wire%20Fraud&en=scroll&epn.percent_scrolled=90&_et=10

Verdicts & Comments Add Verdict or Comment

305 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.westcoastescrow.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 430a004bvwjnugxp1gu0vxwc
www.westcoastescrow.com/	1969-12-31 23:59:59	Name: TS01583d2c Value: 01c4ef74675e1692cc315c69214706bc40ccf78dfa8855824b854793fd7b6fbafc00b8a59ff3b5f56458a0b29dc2ac61d7de7697f0ad0cbd7620bdda9d8db052f12faa0938b21d980b0276d07333fa55ed07186ecc
.westcoastescrow.com/	1970-01-20 15:55:39	Name: _gid Value: GA1.2.127364594.1698853257
.westcoastescrow.com/	1970-01-20 15:54:13	Name: _gat_UA-85499901-13 Value: 1
.westcoastescrow.com/	1970-01-21 01:30:13	Name: _ga Value: GA1.1.652486893.1698853257
.westcoastescrow.com/	1970-01-21 01:30:13	Name: _ga_T280NSJM88 Value: GS1.1.1698853256.1.1.1698853258.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
fonts.googleapis.com
fonts.gstatic.com
mobile.trgc.com
ow.ly
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.westcoastescrow.com
api.userway.org
region1.google-analytics.com
www.google.com
www.google.de
198.175.44.150
20.225.15.113
2001:4860:4802:34::36
2600:1f14:5db:eb11:9a56:ad25:21d5:260a
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:6ea0:c700::17
44.208.145.194
166fb4f34cf23d8e2c43c81039696b81fd4a6055bf44bfbcb7effa3c5a11a17e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21899b7e56ddedfb9912a82c4c90777c26b0d317c376906c83ed4587b79a75b7
27836a9fbc65458b432c410844c112b77e88346e443a750790560b6e260ef2be
327752bc52d050bf9f5d8ea4930bbb18c6ffad1513cf45960ca0274ff7219547
39e5db5ae09cb26c27012faa8dfda0b2b71831cc38b749ed25cdd4f1dda3352c
3b24170f3a7739854b2de765ddc4b5bd1bddf43f4931b861a4fe8ebaefb852f5
3c7e98fc9f0e620a11dd08662b2230ab1674d6a5008cb428ce954c2df85ea864
3ceb845596cd0b2142d50f3144ded925563816a3787579266f81384c6f8cc6cf
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4622804f93244b64a3104b14a59a09f33411e50ccf85cfffa729a4864b85d633
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5ca16ef1dfe956d6aeb1b1ccfd087fec31bc7e0b283ea10ac09f0435831bb7a3
60069686a475f49fb896a179b9c08da46081803b26ed3676bf0b9e5daf80a3c9
82fd59ead7b3ce376a05bf7fa1bf8ac9fda8665181a52b6f769c16c1d344aab4
832cb7057a7d8a8ac4e45626e4d23ec8132342db22325a4e1346e765926ce2e2
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a01f924c1c6e0d3c256ffbb4ab7aad1d58cf271b60acfa383088a9d9ddecafa2
ac33332869f74d1ea91e771b5d777b87801bf40920ac23ef928e8acb765dfdf6
adde718d63e9399a1f494babb23afa41e7b8e13dbeef1a32123fc98736a78681
b3c59103379acf69e68907692fa282acb9ec010734c79fa2c811c93bd428e5ea
b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e
bdb11742001e696bcbf59b02fe1aa1b3e2f2549115e363aecbbd9795b215e385
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c77276e8b330cb0362c41628560c0f67d5d877437b99a78ebc1815a1a79c4bf6
ceced164b61d897c532c97ce43404b8176efed1543fdc9c6f413f04b4fd09df0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee0e57a6e32f0c44b36fb16e86333aa0c4472322985fb46ed84b38d148f5d508
f038dc5d3108d5cd4ec3986b594b7eb6157eef50a00a05b0515ed53c16fbc8d2
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

www.westcoastescrow.com Open in urlscan Pro 198.175.44.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

94 %HTTPS

73 %IPv6

11 Domains

13 Subdomains

11 IPs

3 Countries

3687 kBTransfer

4760 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westcoastescrow.com Open in urlscan Pro
198.175.44.150 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

94 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

3687 kB
Transfer

4760 kB
Size

6
Cookies

62 HTTP transactions
0 data transactions