www.bagborroworsteal.com Open in urlscan Pro
162.242.193.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bagborroworsteal.com//signinInput
Effective URL:
https://www.bagborroworsteal.com//signinInput
Submission: On October 04 via api (October 4th 2024, 1:58:18 am UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 48 domains to perform 130 HTTP transactions. The main IP is 162.242.193.40, located in United States and belongs to RACKSPACE, US. The main domain is www.bagborroworsteal.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 28th 2024. Valid for: a year.

This is the only time www.bagborroworsteal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	162.242.193.40 162.242.193.40	27357 (RACKSPACE) (RACKSPACE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
11	93.184.220.121 93.184.220.121	15133 (EDGECAST) (EDGECAST)
2	52.222.236.121 52.222.236.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	68.70.204.1 68.70.204.1	44239 (PROINITY ...) (PROINITY PROINITY)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:e800:7:e9e7:15c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:7800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.65 13.35.58.65	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:235... 2600:9000:2359:c000:0:43cc:80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.66.112.91 18.66.112.91	16509 (AMAZON-02) (AMAZON-02)
1	52.23.10.46 52.23.10.46	14618 (AMAZON-AES) (AMAZON-AES)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
13	91.235.133.113 91.235.133.113	30286 (THM) (THM)
1	18.184.118.166 18.184.118.166	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
10	52.214.111.170 52.214.111.170	16509 (AMAZON-02) (AMAZON-02)
5	104.18.41.49 104.18.41.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	81.17.55.173 81.17.55.173	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.31.23.243 52.31.23.243	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
1	108.128.221.62 108.128.221.62	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.28.232 18.195.28.232	16509 (AMAZON-02) (AMAZON-02)
1	52.16.180.166 52.16.180.166	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.197.30.174 18.197.30.174	16509 (AMAZON-02) (AMAZON-02)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4264:e09b:c511:883e:bd24	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.167.115 54.194.167.115	16509 (AMAZON-02) (AMAZON-02)
1	52.58.204.45 52.58.204.45	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	172.64.146.207 172.64.146.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	2620:f3:0:14:... 2620:f3:0:14:b401:8ee8:4321:ad82	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
3	2a00:1450:400... 2a00:1450:4001:82f::201b	15169 (GOOGLE) (GOOGLE)
130	66

3 162.242.193.40 (United States)

ASN27357 (RACKSPACE, US)

www.bagborroworsteal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 93.184.220.121 (London, United Kingdom)

ASN15133 (EDGECAST, US)

assets.bagborroworsteal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-121.fra56.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.70.204.1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-alaskaoregonwesternwashington.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seal-blue.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:e800:7:e9e7:15c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sec.webeyez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-65.fra60.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:c000:0:43cc:80:93a1 (United States)

ASN16509 (AMAZON-02, US)

iprecon.iglobalstores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-91.fra56.r.cloudfront.net

d1vyngmisxigjx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.10.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-10-46.compute-1.amazonaws.com

checkout.iglobalstores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.133.113 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.118.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-118-166.eu-central-1.compute.amazonaws.com

recommender.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.214.111.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com

send.webeyez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.41.49 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bl.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.173 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.23.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-23-243.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.221.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-221-62.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.28.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-28-232.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.180.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-180-166.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.30.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-30-174.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:e09b:c511:883e:bd24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.167.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-167-115.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.204.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-204-45.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.207 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bl.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:f3:0:14:b401:8ee8:4321:ad82 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 9018 imgs.signifyd.com — Cisco Umbrella Rank: 7626	77 KB
14	bagborroworsteal.com www.bagborroworsteal.com assets.bagborroworsteal.com	306 KB
12	webeyez.com sec.webeyez.com — Cisco Umbrella Rank: 63822 send.webeyez.com — Cisco Umbrella Rank: 59986	167 KB
8	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 12007 s1.listrakbi.com — Cisco Umbrella Rank: 12980 bl.listrakbi.com — Cisco Umbrella Rank: 16098 at1.listrakbi.com — Cisco Umbrella Rank: 13398	40 KB
6	cloudfront.net d1vyngmisxigjx.cloudfront.net	20 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 348	32 KB
6	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3850 gum.criteo.com — Cisco Umbrella Rank: 461 sslwidget.criteo.com — Cisco Umbrella Rank: 2477 widget.us.criteo.com — Cisco Umbrella Rank: 23496 dis.criteo.com — Cisco Umbrella Rank: 650	28 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 u.clarity.ms — Cisco Umbrella Rank: 8722	28 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401	1 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 storage.googleapis.com — Cisco Umbrella Rank: 356	939 B
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3168 h64.online-metrix.net — Cisco Umbrella Rank: 2424 w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net	837 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 267	3 KB
3	bbb.org seal-alaskaoregonwesternwashington.bbb.org — Cisco Umbrella Rank: 176137 seal-blue.bbb.org — Cisco Umbrella Rank: 44180	4 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 503	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1988	1 KB
2	iglobalstores.com iprecon.iglobalstores.com — Cisco Umbrella Rank: 358865 checkout.iglobalstores.com	12 KB
2	scarabresearch.com cdn.scarabresearch.com — Cisco Umbrella Rank: 14856 recommender.scarabresearch.com — Cisco Umbrella Rank: 11019	23 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	236 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	23 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	184 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1136	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2090	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3351	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6600	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 64667	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 415	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2920	400 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3027	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 521	58 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 413	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 905	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 881	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 969	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1695	882 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 658	817 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 14280	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 734	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 806	342 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1888	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 399	183 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	273 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 5469	13 KB
130	48

	Domain	Requested by
13	imgs.signifyd.com	cdn-scripts.signifyd.com imgs.signifyd.com
11	assets.bagborroworsteal.com	www.bagborroworsteal.com
10	send.webeyez.com	sec.webeyez.com
6	d1vyngmisxigjx.cloudfront.net	www.bagborroworsteal.com
6	bat.bing.com	www.bagborroworsteal.com bat.bing.com sec.webeyez.com
3	storage.googleapis.com
3	at1.listrakbi.com	cdn.listrakbi.com
3	ib.adnxs.com	2 redirects
3	u.clarity.ms	sec.webeyez.com
3	www.google.com	www.bagborroworsteal.com www.gstatic.com
3	www.bagborroworsteal.com	www.bagborroworsteal.com
2	bl.listrakbi.com	sec.webeyez.com
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	region1.analytics.google.com	www.googletagmanager.com sec.webeyez.com
2	googleads.g.doubleclick.net	www.googleadservices.com www.bagborroworsteal.com
2	cdn.listrakbi.com	www.bagborroworsteal.com cdn.listrakbi.com
2	www.clarity.ms	www.bagborroworsteal.com www.clarity.ms
2	sec.webeyez.com	www.bagborroworsteal.com sec.webeyez.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	www.google-analytics.com	www.bagborroworsteal.com www.google-analytics.com
2	www.googleadservices.com	www.bagborroworsteal.com www.googleadservices.com
2	seal-alaskaoregonwesternwashington.bbb.org	www.bagborroworsteal.com
2	www.googletagmanager.com	www.bagborroworsteal.com www.googletagmanager.com
2	cdn-scripts.signifyd.com	www.bagborroworsteal.com cdn-scripts.signifyd.com
1	w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net
1	h64.online-metrix.net	imgs.signifyd.com
1	h.online-metrix.net	imgs.signifyd.com
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	seal-blue.bbb.org	seal-alaskaoregonwesternwashington.bbb.org
1	www.facebook.com	www.bagborroworsteal.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	www.google.de	www.bagborroworsteal.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	recommender.scarabresearch.com	cdn.scarabresearch.com
1	widget.us.criteo.com	www.bagborroworsteal.com
1	sslwidget.criteo.com	1 redirects
1	checkout.iglobalstores.com	www.bagborroworsteal.com
1	iprecon.iglobalstores.com	assets.bagborroworsteal.com
1	cdn.scarabresearch.com	www.bagborroworsteal.com
1	www.dwin1.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.bagborroworsteal.com
1	dynamic.criteo.com	www.bagborroworsteal.com
130	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
instagram.com
www.bbb.org

Subject Issuer	Validity	Valid
bagborroworsteal.com Go Daddy Secure Certificate Authority - G2	`2024-05-28` - `2025-06-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
assets.bagborroworsteal.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-20` - `2025-03-31`	7 months	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M02	`2024-06-02` - `2025-06-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.bbb.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-04` - `2025-04-25`	a year	crt.sh
*.googleadservices.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.webeyez.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2024-10-02` - `2025-10-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.listrakbi.com Amazon RSA 2048 M03	`2023-12-08` - `2025-01-03`	a year	crt.sh
*.scarabresearch.com Amazon RSA 2048 M03	`2024-07-23` - `2025-08-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.iglobalstores.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
*.google.de WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
listrakbi.com E6	`2024-08-12` - `2024-11-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-07-31` - `2024-11-27`	4 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
teads.tv R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
storage.googleapis.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.bagborroworsteal.com//signinInput
Frame ID: C13DB03854B929E71AE38E102910F5DC
Requests: 77 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.bagborroworsteal.com&origin=onetag
Frame ID: BBC0F6B2E42155715DBDC4FF3984FE95
Requests: 1 HTTP requests in this frame

Frame: https://www.bagborroworsteal.com/blank_for_iframe.html
Frame ID: D850C16D649E148B1BD34FA8CD06BCEC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYSfMkAAAAANEsL_lmLaQa22gAnP5tsfPZ3RDx&co=aHR0cHM6Ly93d3cuYmFnYm9ycm93b3JzdGVhbC5jb206NDQz&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=h2b08lyalrbb
Frame ID: A85433C2E3337483D936509283842BFF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LdYSfMkAAAAANEsL_lmLaQa22gAnP5tsfPZ3RDx
Frame ID: BCDD92A97DB54F136DA31F2CC6C4930A
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/I6LJMm0O5dq_YjOO?42734eb3826b1a6f=5VjADE7Jq-dtIkpjm1WWbeTYltlzy8QrJqBh_zxxtY_aZBB1w-w637POup_qQDIcnu7gZbfXpGNJOuIY-t1O9qVso-PLzmhC0vE0jTaQ2a5fZIRf5T-mtivErxETk9Ahw_ZV7KA569OjimcwMQ1gguYLEBeG96NsezF2-4m2FjOkX481PzhrweVQa-u2AcHXntdGrxFMpTafeU6t&jb=3532262468716f77354e6b6e75702668716d354e6b6c757024687362753d436a7a6f6d65266873603f416870676f6725323831303b
Frame ID: 7B4B38E242B61F5E50814209FD4E6102
Requests: 12 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-grVYMSpJcI4WrhmDPvOGrmewo3YR8PzCuL9vzQ&google_cm&google_hm=ay1nclZZTVNwSmNJNFdyaG1EUHZPR3JtZXdvM1lSOFB6Q3VMOXZ6UQ
Frame ID: B974992C63EC58C20D2A7A48C8F22E90
Requests: 27 HTTP requests in this frame

Frame: https://imgs.signifyd.com/6iW4n0w8w3Erh9fT?79fcfe13efebbfef=3xzAx4wJ6_lKqVTZolz2cZkWzIxHIwZ1LGA5SCgFhPtRo_Jxfs0qpsr6W2_8OqpeKHbDFkpfzHf8UoHOzTQmF5FCNDb9xOHFm9mI7Ayb5YscCpNkX2nOFX867NV8RN-lV0V2bJAM4BN4NSSicEidlz78Un09zHPvaaKrQuoiMdYzNYWak3yDQs8vlPXkJ9-1f-HEM11ZUW4_-15lrKw
Frame ID: 9F276E0595B8F36C2F3DB4D20C921DF1
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/3RQk_P0rO72JXExt?bb5fa346a6618607=S-3cubTvl89TSR0RWiFLt7YlehOFnKHQYY_KH4osABm8b-CQh1pwFYXGUVhzWwEg8oZy0KKK3yx4hWB5x3MtgFuFnftdpe3wOuSs00QOOvPL3hYMONofqTYyyJqy51rUI_mWggRAsi-VZpoe4gYeGA2W6vOfxbsrhd_vmawl78jJ6xzEY9DSRyraKA3_CdBhAA8mgHXQsjEqUr7MdWwp
Frame ID: 4E3A23BE6029734AA7FB3CD12251DCB4
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/b-4Icy_duJjv6KUh?bd6117fd6f361598=hclDMWxLuMF46_i1euFgcTMIVFFRYH8tH0_7_mNLj2E2X7HXBBIil93SjTYhdG8KzBpQjDoVTAQQeKG95f5ijd0PVa0tUIO0zyYX8MzTuLte3jy19n4xnmrdR5VFyMpaD77gHWNaokAQix7bkBpW8ShVP4TCtbH3d_KkHZdggjeGHfXdNFQ_zi2P0sYn-YUQqD8D37LYUiwvYYgV6Z5k
Frame ID: 602C40FF0671FA11B7C40B4EEF1D0D33
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Sign In

Page URL History Show full URLs

http://www.bagborroworsteal.com//signinInput HTTP 307
https://www.bagborroworsteal.com//signinInput Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/ShoppingBag

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

130
Requests

95 %
HTTPS

32 %
IPv6

48
Domains

69
Subdomains

66
IPs

9
Countries

1227 kB
Transfer

3044 kB
Size

54
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/bagborroworsteal

Search URL Search Domain Scan URL

URL: http://twitter.com/bagborrowsteal

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/bagborroworsteal/

Search URL Search Domain Scan URL

URL: http://instagram.com/bagborroworsteal

Search URL Search Domain Scan URL

URL: http://www.bbb.org/western-washington/business-reviews/handbags/bag-borrow-or-steal-in-seattle-wa-22027217#bbbseal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bagborroworsteal.com//signinInput HTTP 307
https://www.bagborroworsteal.com//signinInput Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://sslwidget.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y3RZN0VtS0N6SkpsbDIyWGQzY0x3Z3laOTdscndvdXk3WHhZNm5zN2tPc1ZaUGlUVzNMNG10Y0daYTJacjFBOUljbGQ3bldHbWpKb2laREpNWjZ2VTBXQTc2WDl5ZVZsUEJJJTJGSjM5TG5FTTFiQVgyYzVzSG1UNjNIbmc1aTlucTB2djJBcmhYQTJpYU9jJTJGR3RPdE9GV28lM0Q&tld=bagborroworsteal.com&dy=1&fu=https%253A%252F%252Fwww.bagborroworsteal.com%252F%252FsigninInput&ceid=ab43191b-b388-46cf-9656-4331aa383867 HTTP 302
https://widget.us.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y3RZN0VtS0N6SkpsbDIyWGQzY0x3Z3laOTdscndvdXk3WHhZNm5zN2tPc1ZaUGlUVzNMNG10Y0daYTJacjFBOUljbGQ3bldHbWpKb2laREpNWjZ2VTBXQTc2WDl5ZVZsUEJJJTJGSjM5TG5FTTFiQVgyYzVzSG1UNjNIbmc1aTlucTB2djJBcmhYQTJpYU9jJTJGR3RPdE9GV28lM0Q&tld=bagborroworsteal.com&dy=1&fu=https%253A%252F%252Fwww.bagborroworsteal.com%252F%252FsigninInput&ceid=ab43191b-b388-46cf-9656-4331aa383867

Request Chain 75

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6597276482756212730

Request Chain 79

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA&C=1

Request Chain 80

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH

Request Chain 98

https://sync.1rx.io/usersync/criteodsp/k-kh6aqypJcI4WrhmDPvOGrmewo3Y6d1i0VfxkCA HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-kh6aqypJcI4WrhmDPvOGrmewo3Y6d1i0VfxkCA?zcc=1&cb=1728007094130 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request signinInput Show response
www.bagborroworsteal.com//
Redirect Chain

http://www.bagborroworsteal.com//signinInput
https://www.bagborroworsteal.com//signinInput

37 KB
37 KB

456ms
243ms

Document
text/html

162.242.193.40
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bagborroworsteal.com//signinInput

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.242.193.40 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache /

Resource Hash

a19adeed4244be9e3307b2c361623e712784bd38a6bcab4982704ec1049ba044

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Date: Fri, 04 Oct 2024 01:58:12 GMT
Keep-Alive: timeout=5, max=488
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Location: https://www.bagborroworsteal.com//signinInput
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
22 KB 47ms
13ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=5825

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b4f43b7b43bb756bad35eb1878d75596d375cc71007ea757c400645a110dc36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: public,max-age=10800
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 01:58:12 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: Kestrel

GET
H2 200 css
fonts.googleapis.com/ 2 KB
939 B 43ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf47ea8985768c9c6480425d9792931ad69674444f109fe0b778031d0b9c093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 01:58:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 04 Oct 2024 01:43:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 global.min.css
assets.bagborroworsteal.com/TNT2518/css/ 30 KB
7 KB 63ms
8ms Stylesheet
text/css 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bagborroworsteal.com/TNT2518/css/global.min.css

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

f2f9dc26b39abfa9ac387ecae488834ac78043c2069aa43b2f7abd5258345234

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
etag: "77b7-611fcad10bc19+gzip"
age: 489546
x-cache: HIT
content-length: 7093
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/css
last-modified: Thu, 22 Feb 2024 18:33:13 GMT
server: ECS (frb/67F3)
vary: Accept-Encoding

GET
H2 200 concat_global.min.js Show response
assets.bagborroworsteal.com/TNT2518/js_prod/ 118 KB
118 KB 71ms
16ms Script
application/javascript 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bagborroworsteal.com/TNT2518/js_prod/concat_global.min.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

df095f2eeccde5bd77d3d845d3c1a077d9f72f2c757d7a77bd2ef540af9c234f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "1d940-5d828757d7140"
age: 244463
accept-ranges: bytes
x-cache: HIT
content-length: 121152
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 20:26:05 GMT
server: ECS (frb/674D)
x-frame-options: SAMEORIGIN

GET
H2 200 ig_welcome_mat_bagborrowsteal.css
assets.bagborroworsteal.com/TNT2518/css/ 4 KB
2 KB 66ms
10ms Stylesheet
text/css 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bagborroworsteal.com/TNT2518/css/ig_welcome_mat_bagborrowsteal.css

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

01708dc7992dc288a868c11571d919e7d474d4936cac11735c2f7d363f3d2d6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
etag: "f14-58a72411eddc0+gzip"
age: 489555
x-cache: HIT
content-length: 1456
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/css
last-modified: Mon, 03 Jun 2019 21:43:27 GMT
server: ECS (frb/6793)
vary: Accept-Encoding

GET
H2 200 ig_welcome_mat_bagborrowsteal.js Show response
assets.bagborroworsteal.com/TNT2518/js_dev/ 30 KB
30 KB 67ms
12ms Script
application/javascript 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bagborroworsteal.com/TNT2518/js_dev/ig_welcome_mat_bagborrowsteal.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

63302d1db7161aa5add476568458cccf5d85ed30a615b8a29df686deb5d42245

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "7790-58f14119a5c40"
age: 489546
accept-ranges: bytes
x-cache: HIT
content-length: 30608
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript
last-modified: Thu, 01 Aug 2019 20:27:21 GMT
server: ECS (frb/669E)
x-frame-options: SAMEORIGIN

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
4 KB 43ms
5ms Script
application/javascript 52.222.236.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1800
content-encoding: gzip
etag: W/"73ca6f23f3e08738233832c7a7a0c30c"
age: 1254
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 1dant-ZrJZzPWnvV9h5FVSFWHtHELar9rduVevh-COEAdIXcibU-kQ==
date: Fri, 04 Oct 2024 01:37:20 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:51:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256

GET
H2 200 _20th.gif
assets.bagborroworsteal.com/images/logos/ 39 KB
39 KB 64ms
9ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/logos/_20th.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

52be2a3c0ff84d6dd0c627008c8c8c992eec48e996bb625b8fe6a981e2baffd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "9ba5-616e0c8fae3cd"
age: 163409
accept-ranges: bytes
x-cache: HIT
content-length: 39845
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Thu, 25 Apr 2024 00:22:40 GMT
server: ECS (frb/67DF)
x-frame-options: SAMEORIGIN

GET
H2 200 spacer.gif
assets.bagborroworsteal.com/images/ 43 B
135 B 10ms
10ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/spacer.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "2b-406be1133c140"
age: 275145
accept-ranges: bytes
x-cache: HIT
content-length: 43
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Wed, 30 Nov 2005 01:15:09 GMT
server: ECS (frb/67E2)
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
75 KB 53ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7WRQLN

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cb8a40eae3b0022c4133f51b943d34299e6d35922b4ee96bf9a07b6b34f32f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 04 Oct 2024 01:58:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 04 Oct 2024 00:19:24 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 75710
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
989 B 34ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1dadbdf36d4d5b0eaed6313d9d135ee9d31bf3bea5cf4be9197781120bde0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 01:58:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 sign_in_pink.gif
assets.bagborroworsteal.com/images/icons/buttons/ 2 KB
2 KB 359ms
359ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/icons/buttons/sign_in_pink.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Apache /

Resource Hash

3276b3d1db11c0bf2d0115055682512dc39716d2f1dccf07f529ddae440e3317

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "77d-58f8da3b0ffc0"
accept-ranges: bytes
content-length: 1917
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Wed, 07 Aug 2019 21:29:43 GMT
server: Apache
x-frame-options: SAMEORIGIN

GET
H2 200 accessibility.gif
assets.bagborroworsteal.com/images/icons/ 5 KB
6 KB 10ms
9ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/icons/accessibility.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

d61f1e577b16aefc5029d0642694c25da422759e1ba766ca6d675dcc47d02ddc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "15bc-59bd14b6602c0"
age: 107214
accept-ranges: bytes
x-cache: HIT
content-length: 5564
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Fri, 10 Jan 2020 23:14:59 GMT
server: ECS (frb/6795)
x-frame-options: SAMEORIGIN

GET
H2 200 bag-borrow-or-steal-22027217.png
seal-alaskaoregonwesternwashington.bbb.org/logo/rbvtbas/ 2 KB
2 KB 78ms
9ms Image
image/png 68.70.204.1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-alaskaoregonwesternwashington.bbb.org/logo/rbvtbas/bag-borrow-or-steal-22027217.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / ASP.NET
Resource Hash: 8a4abb5036a3d41d296a67f613cf72313b272e6a39ef12eb7aefc46a646c0d37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=14400
x-aspnet-version: 4.0.30319
x-edge-location: defr
expires: Fri, 04 Oct 2024 05:58:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 2080
date: Fri, 04 Oct 2024 01:58:13 GMT
x-shield: active
content-type: image/png
last-modified: Thu, 03 Oct 2024 19:21:44 GMT
server: keycdn
x-powered-by: ASP.NET

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 43ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

29527df360190a1acb385a4221db9e308e34945f775cc718fcfd5c9adcefd4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: br
etag: 908115578960139221
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 01:58:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20957
x-xss-protection: 0
server: cafe

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: gzip
age: 1685
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 03:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 bag-borrow-or-steal-22027217.js Show response
seal-alaskaoregonwesternwashington.bbb.org/logo/ 1 KB
1 KB 75ms
8ms Script
application/javascript 68.70.204.1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://seal-alaskaoregonwesternwashington.bbb.org/logo/bag-borrow-or-steal-22027217.js
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / ASP.NET
Resource Hash: 3bab32ceca79e24492efb8a84a23643fefbe791c30d5a3bc70cd77cd848eb245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://www.bagborroworsteal.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
etag: "1db3ee92f550d81:0"
expires: Fri, 04 Oct 2024 05:58:13 GMT
x-cache: HIT
date: Fri, 04 Oct 2024 01:58:13 GMT
x-shield: active
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 18:21:06 GMT
vary: Accept-Encoding
cache-control: max-age=14400
x-edge-location: defr
accept-ranges: bytes
access-control-allow-origin: *
content-length: 704
x-powered-by: ASP.NET
server: keycdn

GET
H2 200 global_sprites.png
assets.bagborroworsteal.com/TNT2518/css/sprites/ 62 KB
62 KB 10ms
9ms Image
image/png 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/TNT2518/css/sprites/global_sprites.png

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

1fa823896b863bc6bf90a0e3b122db129a337a98b16364fd72018549e1184600

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "f748-58a72411eddc0"
age: 473606
accept-ranges: bytes
x-cache: HIT
content-length: 63304
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/png
last-modified: Mon, 03 Jun 2019 21:43:27 GMT
server: ECS (frb/67D3)
x-frame-options: SAMEORIGIN

GET
H2 200 search_vert.gif
assets.bagborroworsteal.com/images/navigation/mainnav/ 1 KB
1 KB 12ms
12ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/navigation/mainnav/search_vert.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

91ddf1744d48128e8279b661f1c36bcae9eed12b542c420ae8de883a6d2002c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "452-4ef9415df5a00"
age: 170239
accept-ranges: bytes
x-cache: HIT
content-length: 1106
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Fri, 10 Jan 2014 02:00:08 GMT
server: ECS (frb/6762)
x-frame-options: SAMEORIGIN

GET
H2 200 search_arrow.gif
assets.bagborroworsteal.com/images/navigation/mainnav/ 68 B
161 B 7ms
7ms Image
image/gif 93.184.220.121
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bagborroworsteal.com/images/navigation/mainnav/search_arrow.gif

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.121 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

1319095e503185318684b65d6a8eda0cf1efb19028b35d3f966c154019df9c69

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

etag: "44-4ef7dd9362f40"
age: 248499
accept-ranges: bytes
x-cache: HIT
content-length: 68
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
last-modified: Wed, 08 Jan 2014 23:28:21 GMT
server: ECS (frb/67D3)
x-frame-options: SAMEORIGIN

GET
H3 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 21 KB
21 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bagborroworsteal.com
Referer: https://fonts.googleapis.com/

Response headers

age: 236806
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:11:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:11:27 GMT
last-modified: Wed, 31 Jan 2024 23:15:04 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21904
x-xss-protection: 0
server: sffe

GET
H2 200 syncframe
gum.criteo.com/ Frame BBC0 0
0 45ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.bagborroworsteal.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=5825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 01:58:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 330254
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 541 KB
215 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bagborroworsteal.com
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: gzip
age: 21961
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 19:52:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 19:52:12 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219745
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
427 B 14ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=687089056&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&dp=Sign%20In&ul=de-de&de=UTF-8&dt=Account%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=910569402&gjid=1495383694&cid=824013684.1728007093&tid=UA-238171-1&_gid=1236007369.1728007093&_r=1&_slc=1&z=500772131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bagborroworsteal.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.bagborroworsteal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 336 KB
109 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LB9EL787KX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WRQLN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25f746f65a5420d72ff207dd74daa798139d3063835488f4fe542c30fffdde8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 04 Oct 2024 01:58:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111585
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 wzbody.js Show response
sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/ 235 KB
66 KB 50ms
7ms Script
text/javascript 2600:9000:225e:e800:7:e9e7:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:e800:7:e9e7:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28b2bfdf91199a7761c4ecec8f056f3dc3228fd72fd3bdfb27bb681b654aca86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: br
etag: W/"f0ec1c75b4fb975840b47ea5dd19ae98"
age: 53535
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: puv4aAhfTVJr0XganV91TGTYcDROkgaIHYFU9kfndkqlhZbwvNpHzg==
date: Thu, 03 Oct 2024 11:05:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 01 Oct 2024 15:56:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 66880.js Show response
www.dwin1.com/ 46 KB
13 KB 32ms
11ms Script
application/javascript 2600:9000:214f:7800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/66880.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WRQLN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ceffae1993d2324451784eeccc918d5c032efe2af2d67fef2e14a92953ea93c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: gzip
x-amz-version-id: tCMo3FBk9HhpsDLLBATYY6B_8Swp5wca
etag: W/"7dcf2c897aedb7651221deb0d0908994"
age: 249
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: psZ5DlPq35hv2Of4tmJIUFR1UOVQTL4Ru7EJ9DjkfU0ig-tz2GlA8g==
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 16 Aug 2024 08:48:07 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=600, s-maxage=600
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 n8fq6bttmg Show response
www.clarity.ms/tag/ 501 B
757 B 151ms
101ms Script
application/x-javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/n8fq6bttmg?ref=gtm2
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7c10d0d4f2ba5026639d7921c8ae1c06dc90f1fedd1fd384fa62b8efdec07bc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 501
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/x-javascript
x-azure-ref: 20241004T015813Z-176d4fdd79c5lw2m85440x50vg0000000nv0000000011uya

GET
H/1.1 200
OK blank_for_iframe.html Show response
www.bagborroworsteal.com/ Frame D850 293 B
606 B 94ms
93ms Document
text/html 162.242.193.40
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bagborroworsteal.com/blank_for_iframe.html

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.242.193.40 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache /

Resource Hash

56f9b2160d7519c225d7455901a249f231349ee1ab51ba38377370f098d9f46d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bagborroworsteal.com//signinInput
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 293
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Oct 2024 01:58:13 GMT
ETag: "125-4faa3156e3540"
Keep-Alive: timeout=5, max=487
Last-Modified: Fri, 30 May 2014 19:30:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 116 KB
36 KB 164ms
122ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare /
Resource Hash: ce9997dc998f0b50a404083001471d3bde1f92ba16b7884b13e8caae2fc8ba36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
ETag: "9k3ZY5jM0VUs1oxTQgZwyA=="
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: nXBBREsBKK5o1cKpp9hVj1VavlaOuIaYiMkfmx8p0daaKaV2RdTQcw==
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Thu, 03 Oct 2024 22:14:01 GMT
Vary: Accept-Encoding
Cache-Control: no-store
Connection: keep-alive
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
CF-RAY: 8cd062e37b531c2c-FRA
Accept-Ranges: bytes
Content-Length: 36486
X-Amz-Cf-Pop: FRA60-P2
Server: cloudflare

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/1A5CD7799B61CC35/ 95 KB
23 KB 35ms
9ms Script
application/javascript 13.35.58.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/1A5CD7799B61CC35/scarab-v2.js
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-65.fra60.r.cloudfront.net
Software: /
Resource Hash: 3d295db1746c0ef762e4bce102b65cc4145de246a7c5227f4273ac8ee731b83b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=3600,public
Timing-Allow-Origin: *
Content-Encoding: gzip
ETag: "f9c47725f9acdfe38fb62473a4629acb--gzip"
Age: 1373
Connection: keep-alive
Via: 1.1 fe1df26b55e8c12763613686df86f7f2.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: uCxrZ2fd4rAOXI2SK_eQspS9OqSMhkOZ8RptDeoM8TXXCcmUr2OTYQ==
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: application/javascript;charset=utf-8
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA60-P10

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 59ms
30ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 308BE8333B574AF0885F7820BCDE9E5E Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Fri, 04 Oct 2024 01:58:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1070221345/ 5 KB
2 KB 18ms
18ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070221345/?random=1728007093235&cv=9&fst=1728007093235&num=1&value=0&label=NoJeCN_H-gIQoZCp_gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&tiba=Account%20Sign%20In&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e89c3fe7566e94fed85640030b6fe52b19529b717cc89577a9e7245ba7f67a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2516
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972814219/ 43 B
61 B 34ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972814219/?random=1728007093238&cv=9&fst=1728007093235&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3DsigninInput%3Becomm_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&tiba=Account%20Sign%20In&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 6ms
6ms Script
application/javascript 52.222.236.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-121.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1800
content-encoding: gzip
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
age: 697
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: _ZpdZGQXuIUkojhNfwQokk_Ty9ZiUN46E09DaGj-vjLJr4-8EA92_g==
date: Fri, 04 Oct 2024 01:46:36 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256

GET
H2 200 iGlobalIp.js Show response
iprecon.iglobalstores.com/ 18 B
474 B 47ms
8ms Script
text/javascript 2600:9000:2359:c000:0:43cc:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iprecon.iglobalstores.com/iGlobalIp.js?p=igcCallback&_1728007093242=
Requested by: Host: assets.bagborroworsteal.com
URL: https://assets.bagborroworsteal.com/TNT2518/js_dev/ig_welcome_mat_bagborrowsteal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:c000:0:43cc:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4406332ec7167767030f8f3f0561af1bc97ce03b13b86370736f1654e742c09b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: max-age=1800
x-amz-apigw-id: fGiIvHBAIAMEaWA=
age: 382
x-amzn-trace-id: Root=1-66ff4a37-7832e6465743a0714afeea18;Parent=0e99a25f6df36596;Sampled=0;Lineage=1:63b712a3:0
access-control-allow-credentials: true
x-amzn-requestid: e483f4e3-be56-4ac1-aece-66ea7447192a
via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 18
x-amz-cf-id: i4vrdKEyW4MYHQpl8CAZZJmqEz6l61gtjjtJo70Pav1k7-3cPgmRJQ==
date: Fri, 04 Oct 2024 01:51:51 GMT
content-type: text/javascript
x-amz-cf-pop: FRA60-P10

GET
H/1.1 200
OK close-square.png
d1vyngmisxigjx.cloudfront.net/images/ 1 KB
2 KB 44ms
9ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/close-square.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c4a749be78ebdf7a12353556c362cd7a5b63fdfdb0b65306e8968576ed1ffe87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "554-59d396f2cb8e5"
Age: 77256
Connection: keep-alive
Via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 1364
X-Amz-Cf-Id: iTjbNqYHAiIzb0UFmsrWbo9eG_HX9fTmMrmWV8fkcyRYs2RXYxfbSA==
Date: Thu, 03 Oct 2024 04:30:37 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:47 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H/1.1 200
OK bagborroworsteel.png
checkout.iglobalstores.com/images/ 11 KB
12 KB 402ms
95ms Image
image/png 52.23.10.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://checkout.iglobalstores.com/images/bagborroworsteel.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.10.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-10-46.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 65dafcdaae3b766bb4cf47d6ff72f49eeda9af3363a7efae97d48ef76cc22d01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "2d3b-59d396cd56bb4"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11579
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:08 GMT
Server: Apache/2.4.29 (Ubuntu)

GET
H/1.1 200
OK US.png
d1vyngmisxigjx.cloudfront.net/images/flags/96x64/ 3 KB
4 KB 20ms
7ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/flags/96x64/US.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 58cdce9d9fa5d1b29625c051c2976d9914d2ddb70fdc6c83bc5c543816453720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "d23-59d396f3ce581"
Age: 59191
Connection: keep-alive
Via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 3363
X-Amz-Cf-Id: Mztxs6CowllIg74kdoCvC1q-gspRiNf02U3L6PtBglJR6F78bFJG6A==
Date: Thu, 03 Oct 2024 09:31:41 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:48 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H/1.1 200
OK payment-methods-icon.png
d1vyngmisxigjx.cloudfront.net/images/ 4 KB
4 KB 23ms
8ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/payment-methods-icon.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: de6198ebfb4c6f439366c804fa711983cfcbb0c694432d2e5fb1f8e541ecd804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "fc4-59d396f228788"
Age: 54032
Connection: keep-alive
Via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 4036
X-Amz-Cf-Id: 3Ps6EteujD_a7HnLzoVnPSeGhzXba17gkuwf9dkpq8rsyXNpqnKQcg==
Date: Thu, 03 Oct 2024 10:57:41 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:46 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H/1.1 200
OK prepay-duty-tax-icon.png
d1vyngmisxigjx.cloudfront.net/images/ 2 KB
3 KB 21ms
7ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/prepay-duty-tax-icon.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7446767437b0174b01820e3eb0d2202fa8e67f1753296ab5c97c21bc2dd20147

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "9a5-59d396f5e57f7"
Age: 64941
Connection: keep-alive
Via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 2469
X-Amz-Cf-Id: ApdLSAlG1LCcsVfM5ERrov3PVa8FElus67KxhYcHqDRTbk6keF9OzQ==
Date: Thu, 03 Oct 2024 07:55:51 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:50 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H/1.1 200
OK shipping-icon.png
d1vyngmisxigjx.cloudfront.net/images/ 4 KB
5 KB 8ms
7ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/shipping-icon.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4389239d90f66985ca942fc833a14f1f2269581a37b804843846954e056f8036

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "1133-59d396f5c7398"
Age: 70161
Connection: keep-alive
Via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 4403
X-Amz-Cf-Id: zDko7WAJt3pW-kAGQuIX3flD1e2iL1DeAKiV2vQZbng7dJjgNP8dSw==
Date: Thu, 03 Oct 2024 06:28:51 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:50 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame A854 0
0 55ms
40ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYSfMkAAAAANEsL_lmLaQa22gAnP5tsfPZ3RDx&co=aHR0cHM6Ly93d3cuYmFnYm9ycm93b3JzdGVhbC5jb206NDQz&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=h2b08lyalrbb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sxm-pWyVdXaCcqhzQV7KOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sxm-pWyVdXaCcqhzQV7KOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 01:58:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y...
https://widget.us.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y...

10 KB
5 KB

310ms
102ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y3RZN0VtS0N6SkpsbDIyWGQzY0x3Z3laOTdscndvdXk3WHhZNm5zN2tPc1ZaUGlUVzNMNG10Y0daYTJacjFBOUljbGQ3bldHbWpKb2laREpNWjZ2VTBXQTc2WDl5ZVZsUEJJJTJGSjM5TG5FTTFiQVgyYzVzSG1UNjNIbmc1aTlucTB2djJBcmhYQTJpYU9jJTJGR3RPdE9GV28lM0Q&tld=bagborroworsteal.com&dy=1&fu=https%253A%252F%252Fwww.bagborroworsteal.com%252F%252FsigninInput&ceid=ab43191b-b388-46cf-9656-4331aa383867

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e8a13a599b5072ef253a6366eb2143323aa39b353c028816636fed63c9b1fd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11808548
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/x-javascript
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
location: https://widget.us.criteo.com/event?a=5825&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y3RZN0VtS0N6SkpsbDIyWGQzY0x3Z3laOTdscndvdXk3WHhZNm5zN2tPc1ZaUGlUVzNMNG10Y0daYTJacjFBOUljbGQ3bldHbWpKb2laREpNWjZ2VTBXQTc2WDl5ZVZsUEJJJTJGSjM5TG5FTTFiQVgyYzVzSG1UNjNIbmc1aTlucTB2djJBcmhYQTJpYU9jJTJGR3RPdE9GV28lM0Q&tld=bagborroworsteal.com&dy=1&fu=https%253A%252F%252Fwww.bagborroworsteal.com%252F%252FsigninInput&ceid=ab43191b-b388-46cf-9656-4331aa383867
content-encoding: gzip
pragma: no-cache
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2623048
expires: 0
access-control-allow-origin: *
content-length: 0
date: Fri, 04 Oct 2024 01:58:12 GMT
server: Kestrel

GET
H/1.1 200
OK 7f410yxvc49ewien.js Show response
imgs.signifyd.com/ 97 KB
14 KB 62ms
17ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/7f410yxvc49ewien.js?newsfcemcwvrtz5g=w2txo5aa&9o4hy9il1nx2b81g=afd662d7-67da-4c6c-b76a-2214d05c8a50

Requested by

Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

75a081d1520d6e6d5638795a176b459b1b45dd7a408fc7bfcf3f3ed7f613b22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070221345/ 42 B
65 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070221345/?random=1442752890&cv=9&fst=1728007093235&num=1&value=0&label=NoJeCN_H-gIQoZCp_gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&tiba=Account%20Sign%20In&capi=1&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI0KXZh9DziAMVpoeDBx2RZDg6MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiFodHRwczovL3d3dy5iYWdib3Jyb3dvcnN0ZWFsLmNvbS8

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 / Show response
recommender.scarabresearch.com/merchants/1A5CD7799B61CC35/ 89 B
484 B 40ms
9ms XHR
application/json 18.184.118.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommender.scarabresearch.com/merchants/1A5CD7799B61CC35/?pv=170857775&xp=1&cp=1
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/1A5CD7799B61CC35/scarab-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.118.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-118-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d99633e45b1f45b030abf8ebcf6bf2b10cf089e202c46c8546939feb776c06e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.bagborroworsteal.com
content-length: 89
p3p: CP="NOI DSP COR NID PSAo OUR IND"
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 41ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LB9EL787KX&gtm=45je4a20v899829517z89105512630za200zb9105512630&_p=1728007093061&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=824013684.1728007093&ecid=820578024&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1728007093&sct=1&seg=0&dl=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&dt=Account%20Sign%20In&en=page_view&_fv=1&_ss=1&tfd=742
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LB9EL787KX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bagborroworsteal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
560 B 69ms
21ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LB9EL787KX&cid=824013684.1728007093&gtm=45je4a20v899829517z89105512630za200zb9105512630&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LB9EL787KX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bagborroworsteal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LB9EL787KX&cid=824013684.1728007093&gtm=45je4a20v899829517z89105512630za200zb9105512630&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1917415778

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK DE.png
d1vyngmisxigjx.cloudfront.net/images/flags/96x64/ 1 KB
2 KB 8ms
7ms Image
image/png 18.66.112.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vyngmisxigjx.cloudfront.net/images/flags/96x64/DE.png
Requested by: Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-91.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a02b3ffbb8805d295bb9ef2b5676ac97189736203b6779ab848ceb7b9008e67c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

ETag: "592-59d396f3a7481"
Age: 17950
Connection: keep-alive
Via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 1426
X-Amz-Cf-Id: zbCDcgjW8qrO_idPGpYVF1ADjqwmK34ai4B6HeAbEqf-12L2GpovHQ==
Date: Thu, 03 Oct 2024 21:14:23 GMT
Content-Type: image/png
Last-Modified: Tue, 28 Jan 2020 20:54:48 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA56-P5

GET
H2 200 17020539.js Show response
bat.bing.com/p/action/ 2 KB
977 B 30ms
30ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17020539.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8298a27e03f69f1cfff40560fc76145634a29ab8ce310c953d4dcbdaa52bcaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF96AF3CD543446AA6CBC436C2637E47 Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
x-cache: CONFIG_NOCACHE
date: Fri, 04 Oct 2024 01:58:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H/1.1 200
OK init-analytics Show response
send.webeyez.com/ 2 B
451 B 138ms
40ms XHR
application/json 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/init-analytics
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.47/ 64 KB
27 KB 16ms
13ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.47/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/n8fq6bttmg?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

x-azure-ref: 20241004T015813Z-176d4fdd79c5lw2m85440x50vg0000000nv0000000011uyg
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCE357CB5C8323"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: d519bed0-e01e-0003-10a0-15cfbf000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 03 Oct 2024 03:02:19 GMT

GET
H2 200 17020539 Show response
bat.bing.com/p/insights/t/ 712 B
885 B 107ms
107ms Script
application/x-javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/17020539

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/17020539.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44a26a47e44838547ca41d1512abbc056edf9b818fefcb7d27295dd0260e617e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76FC51D024694443BC5B35053A90C39F Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 606
date: Fri, 04 Oct 2024 01:58:12 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-azure-ref: 20241004T015813Z-r1b467f6df97ph2d8e683d4qbc00000001100000000052yb

GET
H2 204 0
bat.bing.com/action/ 0
177 B 31ms
31ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17020539&Ver=2&mid=2f094843-a552-4384-951a-a792a3fa6677&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Account%20Sign%20In&p=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&r=&lt=669&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=584556

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A19EC592AEA4E79AE50FD0405723D72 Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 04 Oct 2024 01:58:12 GMT

GET
H2 200 getIds Show response
s1.listrakbi.com/wvUAmMkZKUfn/session/ 175 B
1007 B 436ms
402ms Script
application/x-javascript 104.18.41.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/wvUAmMkZKUfn/session/getIds?callback=ltkCallback5816&gsid=&_sid=&_tid=wvUAmMkZKUfn&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b822c70596e9e9f6566f712e55cc7639d581eee52f48e434fcde5116e4f8afdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8cd190ce39814d5b-FRA
expires: -1
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: application/x-javascript; charset=utf-8
server: cloudflare

POST
H/1.1 200
OK get-session Show response
send.webeyez.com/ 118 B
570 B 34ms
32ms Fetch
application/json 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/get-session
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4be5ee1bd6cc9a6e6a8f8b7baafbc4e46201e85f2b047747952f2990e4cc6a40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"76-DidP2YELHD6oB1Sl4grMdmi+Nx4"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 118
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

OPTIONS
H/1.1 200
OK get-session
send.webeyez.com/ Frame 0
0 50ms
30ms Preflight
text/html 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/get-session
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Allow: POST
Connection: keep-alive
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Oct 2024 01:58:13 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
X-Powered-By: Express
timing-allow-origin: *

GET
H2 200 0.7.47 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 34ms
34ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.47

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/17020539

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12f2afb6e3d298d3a71abb732ddc6966fa0b2a07f73302fda93d8be88a1ac953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

content-encoding: br
x-ms-version: 2018-03-28
etag: W/"0x8DCE357D4B71492"
x-fd-int-roxy-purgeid: 51562430
x-cache: CONFIG_NOCACHE
date: Fri, 04 Oct 2024 01:58:12 GMT
content-type: application/javascript;charset=utf-8
last-modified: Thu, 03 Oct 2024 03:02:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48ECF432496C410481AE71FFBFF8B51C Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
x-ms-request-id: d530d947-e01e-0003-1fa3-15cfbf000000
access-control-allow-origin: *
content-length: 15216
x-azure-ref: 20241004T015813Z-r1b467f6df92xw77278ua53sk000000000xg00000000391p

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame BCDD 0
0 23ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LdYSfMkAAAAANEsL_lmLaQa22gAnP5tsfPZ3RDx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z2JIzJD5VN7OFzki2ye2JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z2JIzJD5VN7OFzki2ye2JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 01:58:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
288 B 393ms
189ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.bagborroworsteal.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Date: Fri, 04 Oct 2024 01:58:13 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 8ms
7ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare /
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Content-Encoding: br
CF-Cache-Status: DYNAMIC
ETag: W/"2ff9137f7dfd81:0"
Age: 16
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: HyqfQGY_-xlG9_C1cs0d1HGm2yWDaxPkMjjvoTRhQ8gg7XHyxxSafQ==
Date: Fri, 04 Oct 2024 01:58:05 GMT
Content-Type: text/css
Last-Modified: Fri, 14 Oct 2022 18:03:08 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
cache-control: no-store
Connection: keep-alive
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
CF-RAY: 8c9153346eb0996c-FRA
X-Amz-Cf-Pop: FRA60-P2
Server: cloudflare

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 115ms
30ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 124ms
33ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 129ms
34ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 133ms
35ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

GET
H2 200 tr
www.facebook.com/ 0
273 B 28ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=633431863472650&ev=PageView&dl=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&eid=fd001b6dbadc4264b5c1ef58a60da617

Requested by

Host: www.bagborroworsteal.com
URL: https://www.bagborroworsteal.com//signinInput

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2905, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/plain
server: proxygen-bolt

POST
H2 204 u Show response
bat.bing.com/p/insights/c/ 0
214 B 101ms
100ms XHR
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/u

Requested by

Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-webinsights-gzip
Referer: https://www.bagborroworsteal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4AB724EA98B04CEB93656470417FC699 Ref B: FRAEDGE1317 Ref C: 2024-10-04T01:58:13Z
access-control-allow-credentials: true
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
access-control-allow-origin: https://www.bagborroworsteal.com
x-cache: CONFIG_NOCACHE
date: Fri, 04 Oct 2024 01:58:12 GMT
vary: Origin

GET
H2 200 legacy.min.css
seal-blue.bbb.org/ 3 KB
1 KB 37ms
6ms Stylesheet
text/css 68.70.204.1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://seal-blue.bbb.org/legacy.min.css
Requested by: Host: seal-alaskaoregonwesternwashington.bbb.org
URL: https://seal-alaskaoregonwesternwashington.bbb.org/logo/bag-borrow-or-steal-22027217.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / ASP.NET
Resource Hash: 687a68a1f30ee3ce6f18f262eb8dec5a69c560cc9dcd7c1ba94572da4420ac32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
etag: "4cc5f26918dda1:0"
expires: Fri, 04 Oct 2024 05:58:13 GMT
x-cache: HIT
date: Fri, 04 Oct 2024 01:58:13 GMT
x-shield: active
content-type: text/css
last-modified: Fri, 12 Apr 2024 17:46:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
x-edge-location: defr
accept-ranges: bytes
access-control-allow-origin: *
content-length: 878
x-powered-by: ASP.NET
server: keycdn

GET
H2 200 wz_ww.js Show response
sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/ 318 KB
97 KB 20ms
7ms Fetch
text/javascript 2600:9000:225e:e800:7:e9e7:15c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wz_ww.js

Requested by

Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:e800:7:e9e7:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03afc244c48d76a66b9b63040d33059de5b81f74210b735c65dbed85913889c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"62f1086c94645106ebb3fff16ca1a59f"
age: 53533
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: O6WczBTQ2ojec5bTGJmyGzUZapyi13U_swxix5JHW_iR4bQoI9nQBQ==
date: Thu, 03 Oct 2024 11:06:01 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 15:56:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK I6LJMm0O5dq_YjOO Show response
imgs.signifyd.com/ Frame 7B4B 319 KB
54 KB 25ms
25ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/I6LJMm0O5dq_YjOO?42734eb3826b1a6f=5VjADE7Jq-dtIkpjm1WWbeTYltlzy8QrJqBh_zxxtY_aZBB1w-w637POup_qQDIcnu7gZbfXpGNJOuIY-t1O9qVso-PLzmhC0vE0jTaQ2a5fZIRf5T-mtivErxETk9Ahw_ZV7KA569OjimcwMQ1gguYLEBeG96NsezF2-4m2FjOkX481PzhrweVQa-u2AcHXntdGrxFMpTafeU6t&jb=3532262468716f77354e6b6e75702668716d354e6b6c757024687362753d436a7a6f6d65266873603f416870676f6725323831303b

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/7f410yxvc49ewien.js?newsfcemcwvrtz5g=w2txo5aa&9o4hy9il1nx2b81g=afd662d7-67da-4c6c-b76a-2214d05c8a50

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

c5d203ad116190c0c68cdfc669690b55abf5b4d465642d5b6e948fd1d0e82799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: df6d618dffe2a34e
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK x8F5GhEktNLGNe9f
imgs.signifyd.com/ Frame 7B4B 81 B
475 B 40ms
13ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/x8F5GhEktNLGNe9f?2cf8506b5197736e=nkt6Xp0Na2_Y2RtR7xG1nel3YpZrl3SLEJCdWYMpKoA1NN1vDaDPcTr7IjGoPW6Bb8n1Xp1A0fXT-Qvqsg_REb5TgN0HPceyFqPbkMDmsVJ1ifBexhEMFvAF8yeBALQ4dOMYBQvREHF74mVfdoeuhGBgappBfH0LoSFvEr0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Fri, 04 Oct 2024 01:58:13 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B974 170 B
409 B 52ms
16ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-grVYMSpJcI4WrhmDPvOGrmewo3YR8PzCuL9vzQ&google_cm&google_hm=ay1nclZZTVNwSmNJNFdyaG1EUHZPR3JtZXdvM1lSOFB6Q3VMOXZ6UQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 sync
x.bidswitch.net/ Frame B974 43 B
183 B 61ms
16ms Image
image/gif 35.214.136.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lFimfypJcI4WrhmDPvOGrmewo3b0XzgQVHCTTg&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B974
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6597276482756212730

43 B
369 B

14ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6597276482756212730

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 861206
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6597276482756212730
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 1ba574f7-7e22-48da-b173-b3394fc1477c
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 04 Oct 2024 01:58:13 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B974 43 B
163 B 62ms
14ms Image
image/gif 81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xbT2ESpJcI4WrhmDPvOGrmewo3aSUCn5dt40Pw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

transfer-encoding: chunked
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B974 0
99 B 58ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7dK3hSpJcI4WrhmDPvOGrmewo3YESuQbzVsltQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 12822
date: Fri, 04 Oct 2024 01:58:13 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B974 49 B
342 B 66ms
18ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-sMWiJSpJcI4WrhmDPvOGrmewo3Z0h-hYnTCH-Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 2
x-content-type-options: nosniff
expires: 0
p3p: CP="CAO PSA OUR"
content-length: 49
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
vary: Accept-Encoding
server: ayl-lb-fra02

GET
H2

200

rum
r.casalemedia.com/ Frame B974
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA&C=1

43 B
565 B

21ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQDfA6fHlj5JgwqdxLjCpSOLGZWmvOqRwxGFkwJl9LKEiL856A9ESLlN8LENRj9m9jJzMXQa4RykF4wVhdC7Jr9tUFehglpqfPChLKXFyHJvofctsvt25KigsQ6KFQ2Nvr7N"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd190d1bda23647-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=20&external_user_id=k-QfYdQipJcI4WrhmDPvOGrmewo3bwDvqpm4XCvA&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLZmsU5W2ysR2a7ghL%2BIbFAakHvSCdSFRSg%2FmbwBUkQj6DltQhopdF3SkmBDADdXfZb0cW4uhiIv8XBCczJUzM4P1bJ1KixXnBlmnimxbTv8lZsstYrGAP9YW%2Bz%2Fvec9i4i%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd190d11d553647-FRA
expires: 0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 04 Oct 2024 01:58:13 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame B974
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH

42 B
716 B

33ms
33ms

Image
image/gif

52.31.23.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH

Protocol

Server

52.31.23.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-23-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v065-0eedddf35.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: bTyG+cxwTY8=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=TFxCwGm6WrcUJ7E17brCBb9GLiMTASWH
dcs: dcs-prod-irl1-2-v065-029541a7d.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: ajuPrNCzTOU=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 04 Oct 2024 01:58:14 GMT

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame B974 43 B
1 KB 29ms
8ms Image
image/gif 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-Ql1x1CpJcI4WrhmDPvOGrmewo3Zf2mmwiL4k0A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 match
ad.360yield.com/ Frame B974 43 B
199 B 123ms
32ms Image
image/gif 108.128.221.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jGW5GipJcI4WrhmDPvOGrmewo3awTvXl7fluAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.128.221.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-221-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif

GET
H2 200 sync
matching.ivitrack.com/ Frame B974 42 B
265 B 48ms
16ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5QndkipJcI4WrhmDPvOGrmewo3bRBnHnFMvy-w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: image/gif
server: istio-envoy

GET
H2 200 cksync.php
contextual.media.net/ Frame B974 61 B
817 B 92ms
50ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nf-oBSpJcI4WrhmDPvOGrmewo3ZrX6k-vfDm1Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Fri, 04 Oct 2024 01:58:14 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length: 61
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
server: Apache

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B974 0
882 B 31ms
9ms Image
text/html 18.195.28.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-U1F6OSpJcI4WrhmDPvOGrmewo3a71OCWJjA99w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.28.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-28-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache
content-encoding: gzip
date: Fri, 04 Oct 2024 01:58:13 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame B974 43 B
422 B 136ms
33ms Image
image/gif 52.16.180.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-duFJaSpJcI4WrhmDPvOGrmewo3acCr3n6xqbRg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.180.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-180-166.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B974 0
218 B 282ms
88ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-WTozyypJcI4WrhmDPvOGrmewo3aTTYg0zw26NQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Fri, 04 Oct 2024 01:58:14 GMT
x-traceid: 48625b70b1c907d80bcc2942a2422100

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B974 0
225 B 82ms
19ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-fcaGZCpJcI4WrhmDPvOGrmewo3YrQiujzOPNtg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B974 0
239 B 54ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OwDhTypJcI4WrhmDPvOGrmewo3bYEizmx2OunQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Pragma: no-cache
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B974 0
58 B 37ms
7ms Image
text/plain 18.197.30.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-EtJy1ypJcI4WrhmDPvOGrmewo3Z49fMONnPEYQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.197.30.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-30-174.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 um
criteo-sync.teads.tv/ Frame B974 23 B
163 B 64ms
31ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-1ETS_CpJcI4WrhmDPvOGrmewo3YydRsdHdZCQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

expires: Fri, 04 Oct 2024 01:58:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B974 43 B
400 B 288ms
92ms Image
image/gif 2600:1f18:612b:4264:e09b:c511:883e:bd24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-UmTzpypJcI4WrhmDPvOGrmewo3bZSwT4QcqBpA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e09b:c511:883e:bd24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
server: nginx

GET
H2 200 xuid
eb2.3lift.com/ Frame B974 37 B
140 B 29ms
7ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-3zUKxypJcI4WrhmDPvOGrmewo3aWhe2xDndmzw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B974 43 B
153 B 65ms
25ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k--AF5uSpJcI4WrhmDPvOGrmewo3ZahYROANb4Vw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: image/gif
x-powered-by: PHP/7.3.29
server: Apache

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B974 0
235 B 69ms
26ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-I7U2USpJcI4WrhmDPvOGrmewo3bsYDKUzeGwtQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Expires: Thu, 03 Oct 2024 01:58:14 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Fri, 04 Oct 2024 01:58:14 GMT
Connection: keep-alive

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B974 0
38 B 125ms
30ms Image
text/plain 54.194.167.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-6RV0TCpJcI4WrhmDPvOGrmewo3ZavdWWzKZFdA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.167.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-167-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 04 Oct 2024 01:58:14 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame B974 0
44 B 31ms
7ms Image
text/plain 52.58.204.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-r5FM4SpJcI4WrhmDPvOGrmewo3am0120R95znQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.204.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-204-45.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 04 Oct 2024 01:58:14 GMT
server: awselb/2.0

GET
H2

200

RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003
sync.targeting.unrulymedia.com/csync/ Frame B974
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-kh6aqypJcI4WrhmDPvOGrmewo3Y6d1i0VfxkCA
https://sync.1rx.io/usersync/criteodsp/k-kh6aqypJcI4WrhmDPvOGrmewo3Y6d1i0VfxkCA?zcc=1&cb=1728007094130
https://sync.targeting.unrulymedia.com/csync/RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003

43 B
378 B

53ms
15ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Fri, 04 Oct 2024 01:58:14 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003
date: Fri, 04 Oct 2024 01:58:14 GMT
pragma: no-cache
content-type: text/html

GET
H/1.1 200
OK gWXbjyEq4Oc3ktIi
imgs.signifyd.com/ Frame 7B4B 81 B
474 B 13ms
13ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/gWXbjyEq4Oc3ktIi?cc08aeb72d0573e2=Gqzr_Ek7nErXdfw8qO-o6usTcME6PQeoFB-BTuj-O1vsTtel2E7wr2eENmrovzKNntJWwrFJPo43h0a4ViWguzkwRKCenJnmeWK507fPe5OU8wlPoAG9nh9JkzqEEniqN_YMeufu7MujfhGBEc967Enq8h8_QhVvIlFA2E0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 43ms
42ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:14 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

GET
H/1.1 200
OK favicon-32x32.png
www.bagborroworsteal.com/images/ 1 KB
1 KB 94ms
94ms Other
image/png 162.242.193.40
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bagborroworsteal.com/images/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.242.193.40 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache /

Resource Hash

d1436c4054e0cda6ffadaed5e1e6f327330af9f1eb8354ee72fb2cd85d4a90b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com//signinInput

Response headers

ETag: "4b7-59627ad9a1300"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1207
Keep-Alive: timeout=5, max=484
Date: Fri, 04 Oct 2024 01:58:13 GMT
Last-Modified: Wed, 30 Oct 2019 21:47:24 GMT
Content-Type: image/png
Server: Apache
X-Frame-Options: SAMEORIGIN

GET 56fd08d8-d7a7-4685-bd9c-fee165769568
https://www.bagborroworsteal.com/ Frame 0
0

POST
H2 204 PageBrowse Show response
bl.listrakbi.com/api/ActivityEvents/ 0
114 B 150ms
149ms XHR
text/plain 104.18.41.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bl.listrakbi.com/api/ActivityEvents/PageBrowse
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bagborroworsteal.com/

Response headers

cf-ray: 8cd190d1fbb74d5b-FRA
access-control-allow-origin: https://www.bagborroworsteal.com
cf-cache-status: DYNAMIC
date: Fri, 04 Oct 2024 01:58:14 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 204 PageBrowse
bl.listrakbi.com/api/ActivityEvents/ Frame 0
0 133ms
99ms Preflight 172.64.146.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bl.listrakbi.com/api/ActivityEvents/PageBrowse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.207 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bagborroworsteal.com
cf-cache-status: DYNAMIC
cf-ray: 8cd190d159eed351-FRA
date: Fri, 04 Oct 2024 01:58:14 GMT
server: cloudflare
vary: Origin

GET
H2 200 wvUAmMkZKUfn Show response
at1.listrakbi.com/activity/ 111 B
614 B 407ms
390ms Script
text/javascript 104.18.41.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/wvUAmMkZKUfn
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c32f7c432905e464e06e55e9398fbfb53b781cb60afaa2c9ff0adfc3922ac6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cf-ray: 8cd190d24bdf4d5b-FRA
cache-control: private
content-encoding: gzip
cf-cache-status: DYNAMIC
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: text/javascript; charset=utf-8
server: cloudflare

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame 7B4B 81 B
540 B 38ms
12ms XHR
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/I6LJMm0O5dq_YjOO?42734eb3826b1a6f=5VjADE7Jq-dtIkpjm1WWbeTYltlzy8QrJqBh_zxxtY_aZBB1w-w637POup_qQDIcnu7gZbfXpGNJOuIY-t1O9qVso-PLzmhC0vE0jTaQ2a5fZIRf5T-mtivErxETk9Ahw_ZV7KA569OjimcwMQ1gguYLEBeG96NsezF2-4m2FjOkX481PzhrweVQa-u2AcHXntdGrxFMpTafeU6t&jb=3532262468716f77354e6b6e75702668716d354e6b6c757024687362753d436a7a6f6d65266873603f416870676f6725323831303b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*, w2txo5aa/df6d618dffe2a34eafd662d7-67da-4c6c-b76a-2214d05c8a50
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: aeafd913b05848499b8f6c724b757b46
Connection: Keep-Alive
Expires: Wed, 03 Oct 2029 01:58:13 GMT
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Fri, 04 Oct 2024 01:58:13 GMT
Last-Modified: Fri, 04 Oct 2024 01:58:13 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK 6iW4n0w8w3Erh9fT
imgs.signifyd.com/ Frame 9F27 0
0 39ms
16ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/6iW4n0w8w3Erh9fT?79fcfe13efebbfef=3xzAx4wJ6_lKqVTZolz2cZkWzIxHIwZ1LGA5SCgFhPtRo_Jxfs0qpsr6W2_8OqpeKHbDFkpfzHf8UoHOzTQmF5FCNDb9xOHFm9mI7Ayb5YscCpNkX2nOFX867NV8RN-lV0V2bJAM4BN4NSSicEidlz78Un09zHPvaaKrQuoiMdYzNYWak3yDQs8vlPXkJ9-1f-HEM11ZUW4_-15lrKw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 04 Oct 2024 01:58:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 39SLpiHG2tI1t4vI Show response
imgs.signifyd.com/ Frame 7B4B 0
398 B 13ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=99
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK 1S_AspiKr5qiG4ih Show response
imgs.signifyd.com/ Frame 7B4B 134 B
652 B 13ms
13ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/1S_AspiKr5qiG4ih?b9ce9e283a4d2373=nMjNWweXHxMIfRCH-7Lrx_OHSgXQr0jTlRSRRFOl9Pt6IohsvRg7lLXgeKWVavAsCQpnxK7rVhPIgwRJfDdcRe9n7xpMY7CNZ8o3EoUfW13SRL0If6RwwlA8m5r9OENuzy8sPTAbiDrMrEDF2e3OVg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

643acf99c797e91fc77bf9b5d58cba071ba24f1335657f9b16864e22b096fdf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK 3RQk_P0rO72JXExt
h.online-metrix.net/ Frame 4E3A 0
0 50ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/3RQk_P0rO72JXExt?bb5fa346a6618607=S-3cubTvl89TSR0RWiFLt7YlehOFnKHQYY_KH4osABm8b-CQh1pwFYXGUVhzWwEg8oZy0KKK3yx4hWB5x3MtgFuFnftdpe3wOuSs00QOOvPL3hYMONofqTYyyJqy51rUI_mWggRAsi-VZpoe4gYeGA2W6vOfxbsrhd_vmawl78jJ6xzEY9DSRyraKA3_CdBhAA8mgHXQsjEqUr7MdWwp

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 04 Oct 2024 01:58:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK b-4Icy_duJjv6KUh
imgs.signifyd.com/ Frame 602C 0
0 42ms
16ms Document
text/html 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/b-4Icy_duJjv6KUh?bd6117fd6f361598=hclDMWxLuMF46_i1euFgcTMIVFFRYH8tH0_7_mNLj2E2X7HXBBIil93SjTYhdG8KzBpQjDoVTAQQeKG95f5ijd0PVa0tUIO0zyYX8MzTuLte3jy19n4xnmrdR5VFyMpaD77gHWNaokAQix7bkBpW8ShVP4TCtbH3d_KkHZdggjeGHfXdNFQ_zi2P0sYn-YUQqD8D37LYUiwvYYgV6Z5k

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bagborroworsteal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 04 Oct 2024 01:58:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK R6Fy6xXz3gyYYJJS Show response
h64.online-metrix.net/ Frame 7B4B 0
399 B 483ms
158ms Script
text/javascript 2620:f3:0:14:b401:8ee8:4321:ad82
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/R6Fy6xXz3gyYYJJS?ef93950d98812e52=nSZMzUBhvpE60nasaYcw8jNNpdKBAwEKSfj8UiH0q1PJjilF7IbLLD1bK68poSc0BJqww_JIpZGgc005nQC6jLSmsild7raFWIRGyksdx2i_7j7zEx2nbp6_jj_OuN8JFkh2pEydhZ1C6Q-7A5uZFGgdieVPO9Ki

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2620:f3:0:14:b401:8ee8:4321:ad82 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 39SLpiHG2tI1t4vI Show response
imgs.signifyd.com/ Frame 7B4B 0
218 B 14ms
14ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/39SLpiHG2tI1t4vI?244e77245728c512=BQ23nj1A9GxDilxkhc2-EGvK0ms0nXIxosWEYp8PyHqI7JIe1_bWmn1UBTbZrWaqT0ACIoF7BborbXzvzVTP30QHYTJ2qJTzPQa20HRDHFyQrLL_3MXF0Fuk-5TbFc1o0Cto5tXdAQRwxzMf_kSCEGyozBo&ja=3232343b2424633f3e32247a3d3e3024643f3934323278393032302661663d333e303078313030322471787b353337373070313335322e6672703d392e333630302c313038302c313632302e3330303224333430302431303232243334323024333038352c313535382c31313732266f763f32356e3733643339343b67346a643032396a3434626433383760386166336336266f6c3f32247b61663d323c266e6a3f60767672732d31432532462532447f77772e626367606d70726d7f6d7073746d616e2c61676f2730462d30447369676e696c416e70757424706e3f372672603f6738303a646463373d37333b336e36676265383939316d623461393b323b3266266a603f3733323c31356431313a3a61336c32313665383763343b33303361353967306426687b6d3f4c6966757a24687b603f41687a6d6f65253230313031266a736f773d4e6b6c757a2e6871627535436a706d6567246c686b3f3334266e646d3f30266e6d74723d3224767a66354777726f78652730444a67706e6966246f617468723d363830336431613260676130306d346163353e30323a3069663337353c323366643435383a39343164366761633036646131366366626c373031333b333b34612e66703d68747470712d334125324425304475777526606367626772706d756770717665696e2c636f6d2532442d32467369656e6b6c4b6e727d7624703d786c77656b665d646e617b6a27354566616c716d21706c7565696c5d75696c6c6d75735f6565666b6357726e63796d7027354566616c716d21706c7565696c5d63646d6a675d61637a6f6063762d3747646164716721706c75676b665f717569616b766b6f65273d4764616c7b6523726e7d656b6c5f7b6a6d636b776176672d354566616e736723726c776f6b6c5f726d616e726e697b6770253d4764616c73652172647567696e5d766e615d706e697b6772253d4564636e7b6723726c7d656b6e5f6465766364767225354766636e716523786e776769665f71746557746b67776d7027354566616c716d21706c7565696c5d6861746927374566696c7167246f6e5d613d7f6760676c5765624544253230312c30273032284d78676c474c2d323247512d3032302e382730304368726f6f61756d29576762454e2732324f4e514c253a304751273a32332c302d3032284f70656e45442532304551253032454c5144273030455b2530323326322730304b6a706f6d69756d2b5f65624b69765767604969762d303257656a474e434c4f4e475d69667176616e6365645d6972726179712531402732324d5a565f6264656c665d656b6c6f6170273142253230455a5c5f636c69725f616d6c7470676e2733422d3232475a5c5d616d6c67705d6275666665705768616c665d666e6d6374273b402732304d58565d666d72766a5f6b6e636d70253342273a304558545d666e6d63745d6a6e676e642d3340273038475a565f6e7063675f6465707660253342253030475a565f72676e7b676f665f6d64647b67765d6364636f702533422530384558545f7168636667725d7c677a74757a655d6e6d6c273140253a324758545f74657a7c7572655f616f6f727065717b6b6d6e5f6a707661273b402730304d5a565f74657874777a655f636f6f70706771736b676c5d72677c632731402d303247585c5d766578747572675766696c7467725d636c69716776706f7061632731402d303247585c5d76657874757267576d6972726d725d616e616f785d766f5f6d646567273b402730304d5a565f73524742273b422532304d45515d676c6765676c745f616e66677a57776b6c742d31402532304f45515766626f5f70656c6667725d656b726d6178253140273a324d4753577176616e6461726657646572697461766b7465712d31402532384f47515d7c677a76757a675d666c6f6174273b422532304d45515d76657a7c7770655f6e6c6d6376576e6b6c6569702733422532304d4d535f74657a747770675f6a696e645f66646f6376273b402730304747515f74657874777a655f68616e665d646e6f637c5d6e696e6d617027314a2730324f4d515d76657274657a57617272617b5f6d606865617c273142253a305547404f4e5d616f646d705f62756666677a5f666c6f637427314025303855474247445f616d6f78706771736d665d7465787475706d5f617374612531402732325f4740474c57636d6f727a677171656c5d766578747572675765746325314227303257474a454e5f63676d7270677b7167665f7c677a747572655f677c63312533402530325545404f4e5d636f65707067717b67665d746d7a767572655f73317c6325334227323255474245445d616f6d78726771716d665d766570767772655f7333766b5f737267602531402732325f4740474c57646760776f5d70676e6c677065725f696e6467253342253030554740474e57666762756f5f716a636c677071253b4027323057454245445f64657076685d766778767d706725334a253032554d40454e5f6c7063775f627566646d72732533402530325545404f4e5d6c6f7b655d616d6676677a742d31402532305745404f4c5f6d756e746b5d6672637f273142253a305547404f4e5d726f647b656f6e5f6d6f666d313626676e5f6a3f3a36643b613a3461303733603630676366383c343b6164346137603d63363038603863663735333e2475676c7e3d4b6c766d6e273030416c612e2677676c7035496e74656e2530324b726b7b2730304f78656c454e2d3032476e6f6b6c6526676c685d603d386534313030346736316e613635653d333063606c303a60656c67643462636237353a3031343933&jb=313134246e733d4f67786b6c6c69253044372632273030205a33312533422530384c696e757a2530327a383457343629253a304372726467556762436b7625324635333526333625323228494a564d4e2d30412532386c6b69672d303245656b696d29253230436a7a6f6d6525304633303b2e3226322c30253a3051636469706b27324e3731372e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=98
Date: Fri, 04 Oct 2024 01:58:14 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK F6K4Hz4UK7D8QnPi
w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net/ Frame 7B4B 81 B
438 B 73ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net/F6K4Hz4UK7D8QnPi?f1f2c92613ca5a8d=YYdldLlOs4d5MLaX0hLsbKO1UKvWYaIOMguH51V22hx99RZG-EB_WlJJcza2sivrS8Bo0LN4DuuU7YEq--0NOhtHB-T28FjYpHWOhl9h9yRFS76dVZVjeaFgdapRuXJoFHQS0ZMnGisZ6ulvEnLmYl7sgqtQmYEdQKKA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

POST
H/1.1 200
OK 1
send.webeyez.com/ 2 B
445 B 34ms
33ms Ping
text/plain 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/1
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bagborroworsteal.com/

Response headers

timing-allow-origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Content-Length: 2
Date: Fri, 04 Oct 2024 01:58:14 GMT
Content-Type: text/plain; charset=utf-8
X-Powered-By: Express
Access-Control-Allow-Headers: Content-Type, X-Requested-With

OPTIONS
H/1.1 200
OK get-sr-storage-token
send.webeyez.com/ Frame 0
0 37ms
36ms Preflight
text/html 52.214.111.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://send.webeyez.com/get-sr-storage-token
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.111.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-111-170.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Allow: POST
Connection: keep-alive
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Oct 2024 01:58:14 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
X-Powered-By: Express
timing-allow-origin: *

GET
H2 200 setuid
ib.adnxs.com/ Frame B974 43 B
1 KB 11ms
11ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-YDflSypJcI4WrhmDPvOGrmewo3Ygvag7oQzCtw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 6775a814-8cea-4388-9df4-04a1f3fb82e7
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 04 Oct 2024 01:58:14 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H/1.1 204
204 CuT8XMR3KrhVfXfW Show response
imgs.signifyd.com/ Frame 7B4B 0
218 B 14ms
14ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/CuT8XMR3KrhVfXfW?b8c00b4f9dbeb3b2=bt0_VNgrH1THMu08Z5b4tOswzOvN0CF25z1OvTRY3m70czQTMki0or7f-u0JTo4Eh03ufxaAPosw8aZWel9TVmO9G24W_ZM-yUHRcs92CfczaFPDtFjdXxQ8vCt7G_ac154oKIMAwbU9zcChz_ZltUEO5J1IjqDEQ2uYBkpmrmmqajA9YPqwudpsXKlLDSMQB6LeZK5ARuB8Nv-4KOY&jac=1&je=383626246f67646a352a3125324b312730413b273041653134676432346137323066663366616233663361323c666134646e653664303a323737343b32676363336135603e6435383734373b363761323e606736333f29

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=97
Date: Fri, 04 Oct 2024 01:58:14 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 xDkoLjTWDlHmS74J
imgs.signifyd.com/ Frame 7B4B 0
400 B 15ms
15ms Image
image/png 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/xDkoLjTWDlHmS74J?2d7d4585e9c1368d=0kgRUyBXM_-mBBIxEyadF3NBOkKjgb5unb97t1isMHb2a-0SB07DhOuwE_U8LCqG8SNUdWaRwuXkAu7EwtaMbTz6T_p3YKWdEuzeY_VhXyOlpvLHZTXnETKwubtjliXDi32e9jBtR9mbG-sox3O0ToKNndXaBt6HddPG9z6RVYEac316ly-f0HZV7tKpyZMSHwWQPIaIIEIpK3Ai0ug&jf=34333624716b645d7a6c663d746c725d447b5e645073635a575845565679514a2e7369645f666176673f31353a3a323037383936247161665d767978673f7765623a65616c736126736b645d6967793f3b32373933383131323438353063383e363a63653364303038313036303a32633a34343a6b673164303b3033323538313630303832366635373665313f323939323a303a673431346a306464323d646764366e3a6734356a61356164346164363038613336323636633331606d343b65333c316063663f606066633a32346539393061673a653363343038333464303b303430346231623167636a606660666935363030396639346d64323461646266333b613b69342473696c5f716b6535313236353830303130306436373137396539366436373161326c606633636d64313b326c363b66333a3a3632616333396438376265663b373b363334333c60673637393163323a30353232323a323433373565613b3a38356231673667346431343d3a34636530333330346d363030646d3a333461393165666935356336663737313766376a3a3b653539376732247b6b64703d38

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H2 200 wvUAmMkZKUfn Show response
at1.listrakbi.com/activity/ 111 B
487 B 392ms
392ms Script
text/javascript 104.18.41.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/wvUAmMkZKUfn?vuid=a915ef54-10b5-4074-9fde-cc35c442b174&uid=7F00581A-6B13-4CB4-B223-AB6C3A2151D2&gsid=156399b3-d0c2-4861-8cf1-dbbdb4d2f301&sid=57ed09cd-dcd3-4279-bbf1-9131358eac6d&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c32f7c432905e464e06e55e9398fbfb53b781cb60afaa2c9ff0adfc3922ac6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cf-ray: 8cd190d4bd254d5b-FRA
cache-control: private
content-encoding: gzip
cf-cache-status: DYNAMIC
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: text/javascript; charset=utf-8
server: cloudflare

GET
H2 200 wvUAmMkZKUfn Show response
at1.listrakbi.com/activity/ 111 B
485 B 120ms
120ms Script
text/javascript 104.18.41.49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/wvUAmMkZKUfn?vuid=a915ef54-10b5-4074-9fde-cc35c442b174&uid=EC88F1E1-BCB9-42BF-9E49-D75E5A521F30&gsid=156399b3-d0c2-4861-8cf1-dbbdb4d2f301&sid=57ed09cd-dcd3-4279-bbf1-9131358eac6d&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=wvUAmMkZKUfn&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c32f7c432905e464e06e55e9398fbfb53b781cb60afaa2c9ff0adfc3922ac6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cf-ray: 8cd190d4bd274d5b-FRA
cache-control: private
content-encoding: gzip
cf-cache-status: DYNAMIC
date: Fri, 04 Oct 2024 01:58:14 GMT
content-type: text/javascript; charset=utf-8
server: cloudflare

GET
H/1.1 200
OK 39SLpiHG2tI1t4vI Show response
imgs.signifyd.com/ Frame 7B4B 0
398 B 14ms
14ms Script
text/javascript 91.235.133.113
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.113 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=95
Date: Fri, 04 Oct 2024 01:58:14 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
288 B 97ms
96ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.bagborroworsteal.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Date: Fri, 04 Oct 2024 01:58:14 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

OPTIONS
H2 200 o
storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/ Frame 0
0 55ms
20ms Preflight
application/octet-stream 2a00:1450:4001:82f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/o?uploadType=media&name=1640%2FUb2rNCWljX2L6gsavGFTtUKcKepGwHdYR0r%2F1728007095595.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin: https://www.bagborroworsteal.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/octet-stream
date: Fri, 04 Oct 2024 01:58:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: UploadServer
vary: Origin X-Origin
x-guploader-uploadid: AD-8ljtfMcCpe0sHp-M0Z8yFhZGapyz_H8S6pQExXyNn6I3S7sFSsgZz_9Iehh60MdahH3HAnEpw_qhx

OPTIONS
H3 200 o
storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/ Frame 0
0 11ms
10ms Preflight
application/octet-stream 2a00:1450:4001:82f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/o?uploadType=media&name=1640%2FUb2rNCWljX2L6gsavGFTtUKcKepGwHdYR0r%2F1728007095703.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin: https://www.bagborroworsteal.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/octet-stream
date: Fri, 04 Oct 2024 01:58:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: UploadServer
vary: Origin X-Origin
x-guploader-uploadid: AD-8ljtS8kWg1fsgjfnWFgkVSH8vn18ePqINbC65GK5ZKMiFNbKDEd8VxWeUL7WIH0XzH_1ITnkNvylJ

OPTIONS
H3 200 o
storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/ Frame 0
0 9ms
8ms Preflight
application/octet-stream 2a00:1450:4001:82f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/upload/storage/v1/b/wz-session-recordings/o?uploadType=media&name=1640%2FUb2rNCWljX2L6gsavGFTtUKcKepGwHdYR0r%2F1728007097588.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.bagborroworsteal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin: https://www.bagborroworsteal.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/octet-stream
date: Fri, 04 Oct 2024 01:58:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: UploadServer
vary: Origin X-Origin
x-guploader-uploadid: AD-8ljuPetMi8pXs73JfqW6_xSKZ0ghgOp3Ug501Y1NvG6IkYTv_RR_4uYia_qCjz2PHRzzf7J6wpMqe

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
288 B 96ms
95ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.bagborroworsteal.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://www.bagborroworsteal.com
Date: Fri, 04 Oct 2024 01:58:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
57 B 15ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LB9EL787KX&gtm=45je4a20v899829517za200zb9105512630&_p=1728007093061&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=824013684.1728007093&ecid=820578024&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728007093&sct=1&seg=0&dl=https%3A%2F%2Fwww.bagborroworsteal.com%2F%2FsigninInput&dt=Account%20Sign%20In&en=scroll&epn.percent_scrolled=90&_et=16&tfd=5761
Requested by: Host: sec.webeyez.com
URL: https://sec.webeyez.com/js/7c044089-c3f8-4413-81bd-a0e8b978a407/wzbody.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bagborroworsteal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bagborroworsteal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 01:58:18 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bagborroworsteal.com
URL: blob:https://www.bagborroworsteal.com/56fd08d8-d7a7-4685-bd9c-fee165769568

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
recommender.scarabresearch.com/merchants/1A5CD7799B61CC35	1969-12-31 23:59:59	Name: s Value: 5E1A18CF7B7E1C15
.at1.listrakbi.com/activity/wvUAmMkZKUfn	1970-01-21 00:00:10	Name: _vuid Value: a915ef54-10b5-4074-9fde-cc35c442b174
.listrakbi.com/wvUAmMkZKUfn	1970-01-21 09:36:07	Name: gsid Value: yMSaGyhjvYug74XPO7FKKuNvEewuVYFAFadT5QuOmNX9gQuzHlUQTUbmG9qNSpFQIprq1S1Mg84%3d
.listrakbi.com/wvUAmMkZKUfn	1970-01-21 08:45:43	Name: scasid Value: 57ed09cd-dcd3-4279-bbf1-9131358eac6d
www.google.com/recaptcha	1970-01-21 04:19:19	Name: _GRECAPTCHA Value: 09AGteOyrI6yjPy3qbc_WPPWc7pA3LuTK-cSnJ7oNgpgzAyMDqS2xAh45vg7S4elpISlr6cnKpHtEHrDyG6fO5f0U
www.bagborroworsteal.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: E706621DBD68E9D5B3BA6DAE8B3BAF86.workerA
.bagborroworsteal.com/	1970-01-21 09:36:07	Name: UBID Value:
.bagborroworsteal.com/	1969-12-31 23:59:59	Name: SESSION Value: afd662d7-67da-4c6c-b76a-2214d05c8a50
.bagborroworsteal.com/	1969-12-31 23:59:59	Name: adTrackId Value: null
.bagborroworsteal.com/	1970-01-21 00:01:33	Name: _gid Value: GA1.2.1236007369.1728007093
.bagborroworsteal.com/	1970-01-21 00:00:07	Name: _gat Value: 1
.criteo.com/	1970-01-21 09:21:43	Name: uid Value: 7a488e24-d074-4573-8a0a-ec3b023b1be9
.criteo.com/	1970-01-21 09:21:43	Name: receive-cookie-deprecation Value: 1
.bagborroworsteal.com/	1970-01-21 09:29:31	Name: cto_bundle Value: 4-yCgF9NNVFqZmtxbGNIbThIYnElMkZURzN5Y3RZN0VtS0N6SkpsbDIyWGQzY0x3Z3laOTdscndvdXk3WHhZNm5zN2tPc1ZaUGlUVzNMNG10Y0daYTJacjFBOUljbGQ3bldHbWpKb2laREpNWjZ2VTBXQTc2WDl5ZVZsUEJJJTJGSjM5TG5FTTFiQVgyYzVzSG1UNjNIbmc1aTlucTB2djJBcmhYQTJpYU9jJTJGR3RPdE9GV28lM0Q
.doubleclick.net/	1970-01-21 09:21:43	Name: IDE Value: AHWqTUk-JYnp4vXIaW_5FStQwX03BN11Q-yBn4kqUjNl0cSXeJbhTa3xIM0j28BO
.bagborroworsteal.com/	1970-01-21 09:36:07	Name: _ga Value: GA1.1.824013684.1728007093
.www.bagborroworsteal.com/	1970-01-21 08:45:43	Name: igCountry Value: DE
.www.bagborroworsteal.com/	1970-01-21 00:10:11	Name: igSplash Value: igSplash
recommender.scarabresearch.com/	1970-01-21 08:46:04	Name: cdv Value: 27023DD61F1BE3BA
.bagborroworsteal.com/	1970-01-21 09:36:07	Name: _ga_LB9EL787KX Value: GS1.1.1728007093.1.0.1728007093.60.0.820578024
imgs.signifyd.com/	1970-01-21 09:36:07	Name: thx_guid Value: 0227324441f90dd70aab88499f5240ff
imgs.signifyd.com/	1970-01-21 09:36:07	Name: tmx_guid Value: AAxQcapU4j3W2_bQMEC2XW2KXvxKYn8UBBtzXpG2SghLdiO4koBQzcGHhdmxHN84PjV_t0flJyJ7nUnZss1B-9yE0TltAw
.bagborroworsteal.com/	1969-12-31 23:59:59	Name: scarab.visitor Value: %2227023DD61F1BE3BA%22
.bagborroworsteal.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
s1.listrakbi.com/	1970-01-21 00:10:11	Name: AWSALBCORS Value: klN18fliMjY/kIEwkyidnLEGpgmulqqDDM+0wEGUUZFqvcQ8/wzuNs21iHT2ZBGtEqt5cXFhUlNxS9ZkV/O1uqU6vrcvXC6x/jZwfGij3wBjMiUVUHg/sDYordUJ
.listrakbi.com/	1970-01-21 02:09:43	Name: usid Value: 50980cff529448868a87a5d407bdfd62
.bagborroworsteal.com/	1970-01-21 09:36:07	Name: GSIDwvUAmMkZKUfn Value: 156399b3-d0c2-4861-8cf1-dbbdb4d2f301
.bagborroworsteal.com/	1970-01-21 08:45:43	Name: STSIDwvUAmMkZKUfn Value: 57ed09cd-dcd3-4279-bbf1-9131358eac6d
.adnxs.com/	1970-01-21 02:09:43	Name: XANDR_PANID Value: i7Omm_midx-ocWfKAuAyx8vibXSwV96-AKL7JzfllZ0H23K_Vl95ofs5LL8deJflHUSLOkyXdbukazbOw9kOIXHGvggDvckwEVPsihRcORQ.
.adnxs.com/	1970-01-21 09:36:07	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:09:43	Name: uuid2 Value: 6597276482756212730
.criteo.com/	1970-01-21 09:21:43	Name: cto_bundle Value: Z3tPV192TTV6QVpDTWF6UlQ1TSUyQmlyTnduWHJnc2RXbWxNWXB6Y2RMYzVLeHJEYnJ5UkpyamlYaVREZUFQNEFVU2VUdzM4JTJCRWY4JTJGOE5kbm1jMFJDUlc0MmRSQUNnOTllaGxrckJLOVNHbEZVTFFmamg1QWRMWDVmMk1xOWpPNDNFeiUyQkhP
.casalemedia.com/	1970-01-21 08:45:43	Name: CMID Value: Zv9LtbmqPLkAAAoOAVB2MgAA
.casalemedia.com/	1970-01-21 02:09:43	Name: CMPS Value: 2154
.casalemedia.com/	1970-01-21 02:09:43	Name: CMPRO Value: 2154
.omnitagjs.com/	1970-01-21 00:43:19	Name: ayl_visitor Value: fcd5f564690e3fba74eb2f5d97c28510
exchange.mediavine.com/	1970-01-21 00:20:16	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221d91ea40-81f4-11ef-87cf-85c61cf3465a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:20:16	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221d91ea40-81f4-11ef-87cf-85c61cf3465a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:20:16	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221d91ea40-81f4-11ef-87cf-85c61cf3465a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:20:16	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221d91ea40-81f4-11ef-87cf-85c61cf3465a%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:20:16	Name: criteo Value: %7B%22id%22%3A%22k-U1F6OSpJcI4WrhmDPvOGrmewo3a71OCWJjA99w%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 08:45:43	Name: visitor-id Value: 3710086945428320000V10
.media.net/	1970-01-21 00:43:19	Name: data-c-ts Value: 1728007094
.media.net/	1970-01-21 00:43:19	Name: data-c Value: k-nf-oBSpJcI4WrhmDPvOGrmewo3ZrX6k-vfDm1Q~~3
.postrelease.com/	1970-01-21 08:45:43	Name: opt_out Value: 1
.1rx.io/	1970-01-21 08:45:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003%22%7D
.demdex.net/	1970-01-21 04:19:19	Name: demdex Value: 01117208731049178124060876712844559181
.adnxs.com/	1970-01-21 02:09:43	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Ilcm99U<!]tbPl@/D!9hy6]/Cr.X/vYPW_K<!Hio5VW/Q.9:gmu+c5rpi-6(<2z4$7wZ^kfQTB`_A^c^DIjbpRzqF1`*bfTr-F7%!
.dpm.demdex.net/	1970-01-21 04:19:19	Name: dpm Value: 01117208731049178124060876712844559181
.targeting.unrulymedia.com/	1970-01-21 08:45:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5f02ccf2-9982-42ed-9954-acf3ddc5e853-003%22%7D
.tremorhub.com/	1970-01-21 08:46:03	Name: tvid Value: 74e71d39d4af433a95f2fe1d0bdfbf3d
.tremorhub.com/	1970-01-21 00:43:19	Name: tv_UICR Value: k-UmTzpypJcI4WrhmDPvOGrmewo3bZSwT4QcqBpA
www.bagborroworsteal.com/	1970-01-21 00:00:10	Name: _vuid Value: a915ef54-10b5-4074-9fde-cc35c442b174
at1.listrakbi.com/	1970-01-21 00:10:11	Name: AWSALBCORS Value: PD/kAGnhd2L9AVjyCtSxqyKhNLgHoPbexAp0XdxSOhz7lnSXQf+F5Dj81mHOITuCHkTo/Uu/71rU1oMltUVL7GqbGVVZz5ihO23Py7a2fw/CpdhL7lXJdJLUnZ7Q

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.bagborroworsteal.com//signinInput(Line 606) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://seal-alaskaoregonwesternwashington.bbb.org/logo/bag-borrow-or-steal-22027217.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.bagborroworsteal.com//signinInput(Line 606) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://seal-alaskaoregonwesternwashington.bbb.org/logo/bag-borrow-or-steal-22027217.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://www.bagborroworsteal.com//signinInput Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
assets.bagborroworsteal.com
at1.listrakbi.com
bat.bing.com
bl.listrakbi.com
cdn-scripts.signifyd.com
cdn.listrakbi.com
cdn.scarabresearch.com
checkout.iglobalstores.com
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1vyngmisxigjx.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
h.online-metrix.net
h64.online-metrix.net
ib.adnxs.com
id5-sync.com
imgs.signifyd.com
iprecon.iglobalstores.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
pixel.rubiconproject.com
r.casalemedia.com
recommender.scarabresearch.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s1.listrakbi.com
seal-alaskaoregonwesternwashington.bbb.org
seal-blue.bbb.org
sec.webeyez.com
send.webeyez.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
storage.googleapis.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
u.clarity.ms
visitor.omnitagjs.com
w2txo5aa6buwvntnnzsu3imknluhqrwstmon2d6odf6d618dffe2a34eam1.e.aa.online-metrix.net
widget.us.criteo.com
www.bagborroworsteal.com
www.clarity.ms
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
www.bagborroworsteal.com
104.18.36.155
104.18.41.49
108.128.221.62
13.35.58.65
141.226.228.48
141.95.33.120
142.250.185.226
162.242.193.40
172.217.18.2
172.64.146.207
178.250.1.9
18.184.118.166
18.195.28.232
18.197.30.174
18.66.112.91
18.66.130.11
184.30.17.243
184.30.20.22
185.255.84.153
185.64.191.210
2.16.97.41
2001:4860:4802:34::36
2600:1f18:612b:4264:e09b:c511:883e:bd24
2600:9000:214f:7800:f:8ce2:fb80:93a1
2600:9000:225e:e800:7:e9e7:15c0:93a1
2600:9000:2359:c000:0:43cc:80:93a1
2620:1ec:33:1::10
2620:1ec:bdf::64
2620:f3:0:14:b401:8ee8:4321:ad82
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::201b
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9b
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f176:181:face:b00c:0:25de
34.117.157.22
35.214.136.108
37.252.172.123
4.227.249.197
46.228.174.117
52.16.180.166
52.214.111.170
52.222.236.121
52.23.10.46
52.31.23.243
52.58.204.45
54.194.167.115
64.202.112.159
68.70.204.1
69.173.144.165
74.119.117.16
76.223.111.18
81.17.55.173
85.215.5.31
91.235.132.130
91.235.133.113
91.235.134.131
93.184.220.121
01708dc7992dc288a868c11571d919e7d474d4936cac11735c2f7d363f3d2d6f
03afc244c48d76a66b9b63040d33059de5b81f74210b735c65dbed85913889c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12f2afb6e3d298d3a71abb732ddc6966fa0b2a07f73302fda93d8be88a1ac953
1319095e503185318684b65d6a8eda0cf1efb19028b35d3f966c154019df9c69
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fa823896b863bc6bf90a0e3b122db129a337a98b16364fd72018549e1184600
25f746f65a5420d72ff207dd74daa798139d3063835488f4fe542c30fffdde8f
28b2bfdf91199a7761c4ecec8f056f3dc3228fd72fd3bdfb27bb681b654aca86
29527df360190a1acb385a4221db9e308e34945f775cc718fcfd5c9adcefd4d5
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa
3276b3d1db11c0bf2d0115055682512dc39716d2f1dccf07f529ddae440e3317
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3bab32ceca79e24492efb8a84a23643fefbe791c30d5a3bc70cd77cd848eb245
3d295db1746c0ef762e4bce102b65cc4145de246a7c5227f4273ac8ee731b83b
4389239d90f66985ca942fc833a14f1f2269581a37b804843846954e056f8036
4406332ec7167767030f8f3f0561af1bc97ce03b13b86370736f1654e742c09b
44a26a47e44838547ca41d1512abbc056edf9b818fefcb7d27295dd0260e617e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be5ee1bd6cc9a6e6a8f8b7baafbc4e46201e85f2b047747952f2990e4cc6a40
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
52be2a3c0ff84d6dd0c627008c8c8c992eec48e996bb625b8fe6a981e2baffd7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56f9b2160d7519c225d7455901a249f231349ee1ab51ba38377370f098d9f46d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58cdce9d9fa5d1b29625c051c2976d9914d2ddb70fdc6c83bc5c543816453720
5cb8a40eae3b0022c4133f51b943d34299e6d35922b4ee96bf9a07b6b34f32f2
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
61c32f7c432905e464e06e55e9398fbfb53b781cb60afaa2c9ff0adfc3922ac6
63302d1db7161aa5add476568458cccf5d85ed30a615b8a29df686deb5d42245
643acf99c797e91fc77bf9b5d58cba071ba24f1335657f9b16864e22b096fdf3
65dafcdaae3b766bb4cf47d6ff72f49eeda9af3363a7efae97d48ef76cc22d01
687a68a1f30ee3ce6f18f262eb8dec5a69c560cc9dcd7c1ba94572da4420ac32
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7446767437b0174b01820e3eb0d2202fa8e67f1753296ab5c97c21bc2dd20147
75a081d1520d6e6d5638795a176b459b1b45dd7a408fc7bfcf3f3ed7f613b22b
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7c10d0d4f2ba5026639d7921c8ae1c06dc90f1fedd1fd384fa62b8efdec07bc2
8298a27e03f69f1cfff40560fc76145634a29ab8ce310c953d4dcbdaa52bcaf3
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4abb5036a3d41d296a67f613cf72313b272e6a39ef12eb7aefc46a646c0d37
8cf47ea8985768c9c6480425d9792931ad69674444f109fe0b778031d0b9c093
91ddf1744d48128e8279b661f1c36bcae9eed12b542c420ae8de883a6d2002c9
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a02b3ffbb8805d295bb9ef2b5676ac97189736203b6779ab848ceb7b9008e67c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19adeed4244be9e3307b2c361623e712784bd38a6bcab4982704ec1049ba044
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dadbdf36d4d5b0eaed6313d9d135ee9d31bf3bea5cf4be9197781120bde0da
b4f43b7b43bb756bad35eb1878d75596d375cc71007ea757c400645a110dc36e
b822c70596e9e9f6566f712e55cc7639d581eee52f48e434fcde5116e4f8afdc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
c4a749be78ebdf7a12353556c362cd7a5b63fdfdb0b65306e8968576ed1ffe87
c5d203ad116190c0c68cdfc669690b55abf5b4d465642d5b6e948fd1d0e82799
ce9997dc998f0b50a404083001471d3bde1f92ba16b7884b13e8caae2fc8ba36
ceffae1993d2324451784eeccc918d5c032efe2af2d67fef2e14a92953ea93c5
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1436c4054e0cda6ffadaed5e1e6f327330af9f1eb8354ee72fb2cd85d4a90b2
d61f1e577b16aefc5029d0642694c25da422759e1ba766ca6d675dcc47d02ddc
d7a363f752524fb545c3b2eb48a56d163cb659bc427d5215800ee7781d92c2ca
d99633e45b1f45b030abf8ebcf6bf2b10cf089e202c46c8546939feb776c06e7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6198ebfb4c6f439366c804fa711983cfcbb0c694432d2e5fb1f8e541ecd804
df095f2eeccde5bd77d3d845d3c1a077d9f72f2c757d7a77bd2ef540af9c234f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89c3fe7566e94fed85640030b6fe52b19529b717cc89577a9e7245ba7f67a5c
e8a13a599b5072ef253a6366eb2143323aa39b353c028816636fed63c9b1fd38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f9dc26b39abfa9ac387ecae488834ac78043c2069aa43b2f7abd5258345234

www.bagborroworsteal.com Open in urlscan Pro 162.242.193.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

95 %HTTPS

32 %IPv6

48 Domains

69 Subdomains

66 IPs

9 Countries

1227 kBTransfer

3044 kBSize

54 Cookies

5 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bagborroworsteal.com Open in urlscan Pro
162.242.193.40 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

95 %
HTTPS

32 %
IPv6

48
Domains

69
Subdomains

66
IPs

9
Countries

1227 kB
Transfer

3044 kB
Size

54
Cookies

130 HTTP transactions
0 data transactions