Submitted URL: http://fraudschool.com/
Effective URL: https://www.fraudschool.com/
Submission: On March 14 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 52.45.73.248, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fraudschool.com.
TLS certificate: Issued by Amazon on February 3rd 2022. Valid for: a year.
This is the only time www.fraudschool.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2607:f1c0:100... 8560 (IONOS-AS ...)
16 52.45.73.248 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 65.9.58.15 16509 (AMAZON-02)
26 6
Apex Domain
Subdomains
Transfer
17 fraudschool.com
fraudschool.com
www.fraudschool.com
949 KB
4 gstatic.com
fonts.gstatic.com
175 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 cloudfront.net
d1vy0qa05cdjr5.cloudfront.net
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
26 5
Domain Requested by
16 www.fraudschool.com www.fraudschool.com
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com www.fraudschool.com
www.google-analytics.com
2 d1vy0qa05cdjr5.cloudfront.net
1 fonts.googleapis.com www.fraudschool.com
1 fraudschool.com 1 redirects
26 6

This site contains no links.

Subject Issuer Validity Valid
*.fraudschool.com
Amazon
2022-02-03 -
2023-03-04
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.fraudschool.com/
Frame ID: DBB999C62D96B7F7F7E190C7D1BDC4A4
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Fraud School

Page URL History Show full URLs

  1. http://fraudschool.com/ HTTP 302
    https://www.fraudschool.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1181 kB
Transfer

4194 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fraudschool.com/ HTTP 302
    https://www.fraudschool.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fraudschool.com/
Redirect Chain
  • http://fraudschool.com/
  • https://www.fraudschool.com/
5 KB
4 KB
Document
General
Full URL
https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
f88ee678cd055820648b9343fa60cbdaf27f608081df8fb4363306b93e45f1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 14 Mar 2022 12:03:52 GMT
content-type
text/html
content-length
3505
cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
vary
Accept-Encoding
x-absorb-correlation-id
8803ddfd-759b-47d0-9ce9-80f384e91b84
x-frame-options
SAMEORIGIN
x-response-for
/
x-lms-server
USE1-PRD-WEB-BC
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000

Redirect headers

Content-Type
text/html
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=15
Date
Mon, 14 Mar 2022 12:03:52 GMT
Server
Apache
Cache-Control
no-cache
Location
https://www.fraudschool.com/
vendor.31b2525cf3d8a7b37af5.css
www.fraudschool.com/learner/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.fraudschool.com/learner/vendor.31b2525cf3d8a7b37af5.css
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
fe6eacff0195a622f89a294af552d3345e1be812c12a3ada9217574ae562f180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:34 GMT
x-response-for
/learner/vendor.31b2525cf3d8a7b37af5.css
etag
"0b71755f336d81:0"
x-frame-options
SAMEORIGIN
content-type
text/css
x-lms-server
USE1-PRD-WEB-BG
accept-ranges
bytes
vary
Accept-Encoding
content-length
2962
x-xss-protection
1; mode=block
styles.d11376885894f034e086.css
www.fraudschool.com/learner/
655 KB
158 KB
Stylesheet
General
Full URL
https://www.fraudschool.com/learner/styles.d11376885894f034e086.css
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
cff0e1bbc9a642f9f63cbc3087a4a37b9ab4c613c0d64f18abf83ad29151f6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:33 GMT
x-response-for
/learner/styles.d11376885894f034e086.css
etag
"80207f54f336d81:0"
x-frame-options
SAMEORIGIN
content-type
text/css
x-lms-server
USE1-PRD-WEB-B6
accept-ranges
bytes
vary
Accept-Encoding
content-length
160887
x-xss-protection
1; mode=block
vendor.6a3dc9dff47191285228.js
www.fraudschool.com/learner/
1 MB
320 KB
Script
General
Full URL
https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
b80e76f9a150144fb7daeed5128f6d1ab9a7b2516cf6dea1f1638fa48b131e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:34 GMT
x-response-for
/learner/vendor.6a3dc9dff47191285228.js
etag
"0b71755f336d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-lms-server
USE1-PRD-WEB-BN
accept-ranges
bytes
vary
Accept-Encoding
content-length
327204
x-xss-protection
1; mode=block
styles.cff318b3e5ee35649df6.js
www.fraudschool.com/learner/
224 KB
47 KB
Script
General
Full URL
https://www.fraudschool.com/learner/styles.cff318b3e5ee35649df6.js
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
4d0e44cd1e50cf6373ecd9fbbd86eae0cd23815879e09c5bb7156f68432b70a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:33 GMT
x-response-for
/learner/styles.cff318b3e5ee35649df6.js
etag
"80207f54f336d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-lms-server
USE1-PRD-WEB-B4
accept-ranges
bytes
vary
Accept-Encoding
content-length
48076
x-xss-protection
1; mode=block
main.08ec2b352decbb05d8d5.js
www.fraudschool.com/learner/
1 MB
211 KB
Script
General
Full URL
https://www.fraudschool.com/learner/main.08ec2b352decbb05d8d5.js
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
bc496c450c747158fb8bcdd466f96ef9347ae00447f9913c09bfe85d43be1d7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:33 GMT
x-response-for
/learner/main.08ec2b352decbb05d8d5.js
etag
"80207f54f336d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-lms-server
USE1-PRD-WEB-BK
accept-ranges
bytes
vary
Accept-Encoding
content-length
215135
x-xss-protection
1; mode=block
learner
www.fraudschool.com/api/rest/v2/
648 B
965 B
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/learner
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
7d88f466bfa12148b460a8f30a2f5292b77fd67ccfb8f66d988cb0eae7af730d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:54 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/learner
x-absorb-correlation-id
42f13f3b-a4a0-4a53-aff7-01af00a353b5
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-B7
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
648
x-xss-protection
1; mode=block
expires
-1
client-public
www.fraudschool.com/api/rest/v2/profiles/
13 KB
14 KB
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/profiles/client-public
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
fc8262fbaf602601aff49bfcfb431688af322570d2fea629f3a98cd38d942505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:54 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/profiles/client-public
x-absorb-correlation-id
beefabb8-8e1b-4b8d-ab62-8d7dc62405e2
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-B3
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
13735
x-xss-protection
1; mode=block
expires
-1
features
www.fraudschool.com/api/rest/v2/
499 B
817 B
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/features
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
f2b921a9853d2ea1bdf09c602650c1afadc83af8a407dbaa43f54f1826aa74cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:54 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/features
x-absorb-correlation-id
75fa490e-af4e-43d4-8361-1f79125af602
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-BJ
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
499
x-xss-protection
1; mode=block
expires
-1
my-profile
www.fraudschool.com/api/rest/v2/
61 B
381 B
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/my-profile
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
5267b8f152b81ed1e4dcbf760722f41139fad9f737b0c92a734ea35e022aa7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:56 GMT
www-authenticate
Bearer realm="api/rest/v2"
x-response-for
/api/rest/v2/my-profile
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-lms-server
USE1-PRD-WEB-BI
x-xss-protection
1; mode=block
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
61
x-content-type-options
nosniff
expires
-1
ui5
www.fraudschool.com/api/rest/v2/absorb-analytics/
132 B
457 B
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/absorb-analytics/ui5
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
a3bd794d8dcf8ffc0f2158163d5b503ba7c0cf569217ec5f4ac4877141e16436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:54 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/absorb-analytics/ui5
x-absorb-correlation-id
ee678e0a-867b-41a3-a060-d4ae4fc3272e
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-B5
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
132
x-xss-protection
1; mode=block
expires
-1
en
www.fraudschool.com/api/rest/v2/terms/
167 KB
168 KB
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/terms/en?version=5.105.0.356
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
033aede0345c13c7e775dc29c68e2dea7e82c5f9772023b7200a75947f8c1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-absorb-correlation-id
f98f40bb-7f12-4f33-8d17-c15942f5bf93
pragma
no-cache
date
Mon, 14 Mar 2022 12:03:56 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/terms/en
etag
"5.105.0.356 "
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-B1
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
171513
x-xss-protection
1; mode=block
expires
-1
branding
www.fraudschool.com/api/rest/v2/
4 KB
4 KB
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/branding?languageAbbreviation=en
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
166096991c0bfa97e333cb03165f5fd3bba9f38bd5ec4c68a9340c763ec98fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:56 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/branding
x-absorb-correlation-id
8503292e-0b17-4244-8f09-3f9347094e69
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-BD
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
4010
x-xss-protection
1; mode=block
expires
-1
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin-ext
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 10:18:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 12:03:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 12:03:56 GMT
department-theme
www.fraudschool.com/api/rest/v2/branding/
4 KB
4 KB
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/branding/department-theme
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
36f562668b03de286c41e99020e17e27980528539c3599e7614da54a00f254db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/hal+json
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:56 GMT
x-content-type-options
nosniff
x-response-for
/api/rest/v2/branding/department-theme
x-absorb-correlation-id
6ccd5d2e-62ff-462c-bb4a-2a2e10d881c8
x-frame-options
SAMEORIGIN
content-type
application/hal+json
x-lms-server
USE1-PRD-WEB-B8
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
4152
x-xss-protection
1; mode=block
expires
-1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
479906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:45:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
479906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:45:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
479906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:45:30 GMT
department-theme
www.fraudschool.com/api/rest/v2/branding/
48 KB
12 KB
XHR
General
Full URL
https://www.fraudschool.com/api/rest/v2/branding/department-theme
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/vendor.6a3dc9dff47191285228.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
35c46486921678e5244d86af730286babadfb47ecf0acd4aa999a0dfe5b1215a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/css
Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-response-for
/api/rest/v2/branding/department-theme
x-absorb-correlation-id
4c37e351-4ed1-4dbe-ba79-ddee027364fc
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-lms-server
USE1-PRD-WEB-BF
cache-control
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
11575
x-xss-protection
1; mode=block
expires
-1
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/learner/main.08ec2b352decbb05d8d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7145
date
Mon, 14 Mar 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Mar 2022 12:04:52 GMT
login.cea61481b3ed200ee8f0.js
www.fraudschool.com/learner/
2 KB
1 KB
Script
General
Full URL
https://www.fraudschool.com/learner/login.cea61481b3ed200ee8f0.js
Requested by
Host: www.fraudschool.com
URL: https://www.fraudschool.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
96516f08d377eb29c692657e85b24d14d3d4aa65680fbb54103f6d0101eb530a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Mar 2022 15:59:33 GMT
x-response-for
/learner/login.cea61481b3ed200ee8f0.js
etag
"fc52a454f336d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-lms-server
USE1-PRD-WEB-BL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1142
x-xss-protection
1; mode=block
NATG%20Absorb%20Logo.png
d1vy0qa05cdjr5.cloudfront.net/7d27ed0c-a4db-4ca5-983d-48f949e811eb/DepartmentTemplates/3b53d05e-8c71-491c-86ad-80c2334c07d5/
12 KB
12 KB
Image
General
Full URL
https://d1vy0qa05cdjr5.cloudfront.net/7d27ed0c-a4db-4ca5-983d-48f949e811eb/DepartmentTemplates/3b53d05e-8c71-491c-86ad-80c2334c07d5/NATG%20Absorb%20Logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a3ec29b2174ba8bd26fbef1659c310f2d35aece96e78e26bb70c11f4deb2bcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Mar 2022 12:03:58 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
content-type
image/png
last-modified
Tue, 26 Jan 2021 12:26:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"4d0a1a29f27cf5282e859c7d85b0fc2f"
x-cache
Miss from cloudfront
x-amz-version-id
uJ6UeHnWZtwEg1h_mfMPinfzqGx8v4aE
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-meta-created-by-user-id
2339d24b-ddb4-4827-9c58-67bc7395e63b
content-length
12030
x-amz-cf-id
AJRqm_MtNoM08KsvRiK77MmVYv8hFrNqN1HgGywVB73pA2rR6cNsNQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.fraudschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
479906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:45:30 GMT
truncated
/
24 KB
24 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ac406f633d9311cd40bd2a393664dbd7018e69817e6629f48e14309e384e1bf

Request headers

Referer
Origin
https://www.fraudschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
font/woff2
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1067325283&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fraudschool.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Fraud%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=500391431&gjid=2005262763&cid=795862903.1647259437&tid=UA-87042975-5&_gid=560746979.1647259437&_r=1&_slc=1&z=328108841
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fraudschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 12:03:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fraudschool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1067325283&t=pageview&_s=2&dl=https%3A%2F%2Fwww.fraudschool.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Fraud%20School&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=795862903.1647259437&tid=UA-87042975-5&_gid=560746979.1647259437&z=768625078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 22:01:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50525
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
NATG%20LOG%20IN%20IMAGE.png
d1vy0qa05cdjr5.cloudfront.net/7d27ed0c-a4db-4ca5-983d-48f949e811eb/DepartmentTemplates/3b53d05e-8c71-491c-86ad-80c2334c07d5/
511 KB
0
Image
General
Full URL
https://d1vy0qa05cdjr5.cloudfront.net/7d27ed0c-a4db-4ca5-983d-48f949e811eb/DepartmentTemplates/3b53d05e-8c71-491c-86ad-80c2334c07d5/NATG%20LOG%20IN%20IMAGE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fraudschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Mar 2022 12:03:58 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
content-type
image/png
last-modified
Mon, 10 May 2021 18:02:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"09369c7d61323fb57030acbd0331aa06"
x-cache
Miss from cloudfront
x-amz-version-id
aS.um2Sio_k8DF_jwlzYUchMYKGUPHnj
x-amz-replication-status
COMPLETED
accept-ranges
bytes
x-amz-meta-created-by-user-id
2339d24b-ddb4-4827-9c58-67bc7395e63b
content-length
911414
x-amz-cf-id
angi3JT6esGcLIZdd6Yd-frTI5ZNVVHHOt5PhxJu4vgHVkFd3qtpcw==

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| webpackJsonp number| 2f1acc6c3a606b082e5eef5e54414ffb string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.fraudschool.com/ Name: _absorb_ui_session
Value: ENhtE5DN2NQhiW14IRpQCJJt0EgOfjrKj7hM0BwFeXTC0ZUDbc2sfKOGapKAdw9M2m5Lzylubr1-VjXf9PmJITGR0GlYw0rzSUfahRn7s9eju_zx0
.fraudschool.com/ Name: _ga
Value: GA1.2.795862903.1647259437
.fraudschool.com/ Name: _gid
Value: GA1.2.560746979.1647259437
.fraudschool.com/ Name: _gat_absorb
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.fraudschool.com/api/rest/v2/my-profile
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1vy0qa05cdjr5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fraudschool.com
www.fraudschool.com
www.google-analytics.com
2607:f1c0:100f:f000::21b
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
52.45.73.248
65.9.58.15
033aede0345c13c7e775dc29c68e2dea7e82c5f9772023b7200a75947f8c1e02
166096991c0bfa97e333cb03165f5fd3bba9f38bd5ec4c68a9340c763ec98fcd
1ac406f633d9311cd40bd2a393664dbd7018e69817e6629f48e14309e384e1bf
35c46486921678e5244d86af730286babadfb47ecf0acd4aa999a0dfe5b1215a
36f562668b03de286c41e99020e17e27980528539c3599e7614da54a00f254db
4d0e44cd1e50cf6373ecd9fbbd86eae0cd23815879e09c5bb7156f68432b70a8
5267b8f152b81ed1e4dcbf760722f41139fad9f737b0c92a734ea35e022aa7bf
5a3ec29b2174ba8bd26fbef1659c310f2d35aece96e78e26bb70c11f4deb2bcf
7d88f466bfa12148b460a8f30a2f5292b77fd67ccfb8f66d988cb0eae7af730d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
96516f08d377eb29c692657e85b24d14d3d4aa65680fbb54103f6d0101eb530a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3bd794d8dcf8ffc0f2158163d5b503ba7c0cf569217ec5f4ac4877141e16436
b80e76f9a150144fb7daeed5128f6d1ab9a7b2516cf6dea1f1638fa48b131e50
bc496c450c747158fb8bcdd466f96ef9347ae00447f9913c09bfe85d43be1d7a
cff0e1bbc9a642f9f63cbc3087a4a37b9ab4c613c0d64f18abf83ad29151f6ea
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
f2b921a9853d2ea1bdf09c602650c1afadc83af8a407dbaa43f54f1826aa74cc
f88ee678cd055820648b9343fa60cbdaf27f608081df8fb4363306b93e45f1dc
fc8262fbaf602601aff49bfcfb431688af322570d2fea629f3a98cd38d942505
fe6eacff0195a622f89a294af552d3345e1be812c12a3ada9217574ae562f180