fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fraud.net/
Submission: On January 10 via api (January 10th 2022, 6:50:23 am UTC) from US — Scanned from DE

Summary HTTP 232 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 62 IPs in 5 countries across 48 domains to perform 232 HTTP transactions. The main IP is 199.16.172.83, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 148875.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	199.16.172.83 199.16.172.83	2635 (AUTOMATTIC) (AUTOMATTIC)
74	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.80.89 13.225.80.89	16509 (AMAZON-02) (AMAZON-02)
2 13	2600:9000:20e... 2600:9000:20eb:be00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.127 13.224.193.127	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.121 13.224.193.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	54.172.53.5 54.172.53.5	14618 (AMAZON-AES) (AMAZON-AES)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.91 13.224.193.91	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.70.137.221 52.70.137.221	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
13 17	99.80.81.12 99.80.81.12	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:aa00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
2	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
1	52.17.53.90 52.17.53.90	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.119 13.225.80.119	16509 (AMAZON-02) (AMAZON-02)
1	34.211.243.235 34.211.243.235	16509 (AMAZON-02) (AMAZON-02)
1	44.240.107.9 44.240.107.9	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	18.157.252.145 18.157.252.145	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.198.172.5 18.198.172.5	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:f4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
232	62

27 199.16.172.83 (United States)

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:20eb:be00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-127.fra2.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.53.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-53-5.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-91.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.137.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-137-221.compute-1.amazonaws.com

device.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 99.80.81.12 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-81-12.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:aa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.53.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-53-90.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-119.fra2.r.cloudfront.net

s.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.243.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-243-235.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.107.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-107-9.us-west-2.compute.amazonaws.com

11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.252.145 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.172.5 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-172-5.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	pressablecdn.com 149360532.v2.pressablecdn.com	3 MB
30	adroll.com 15 redirects s.adroll.com — Cisco Umbrella Rank: 2208 d.adroll.com — Cisco Umbrella Rank: 1320	142 KB
30	fraud.net fraud.net — Cisco Umbrella Rank: 148875 media.fraud.net — Cisco Umbrella Rank: 170953 device.fraud.net — Cisco Umbrella Rank: 284115	195 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	788 KB
9	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4757 forms.hubspot.com — Cisco Umbrella Rank: 3131 app.hubspot.com — Cisco Umbrella Rank: 6245 track.hubspot.com — Cisco Umbrella Rank: 2119	25 KB
7	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2769 f.vimeocdn.com — Cisco Umbrella Rank: 2893 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2807	214 KB
7	google.com www.google.com — Cisco Umbrella Rank: 8	74 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1032 q.stripe.com — Cisco Umbrella Rank: 6927 m.stripe.com — Cisco Umbrella Rank: 993	67 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 7267	258 KB
5	clarity.ms 1 redirects f.clarity.ms — Cisco Umbrella Rank: 2200 c.clarity.ms — Cisco Umbrella Rank: 998	24 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 433 www.linkedin.com — Cisco Umbrella Rank: 624 px4.ads.linkedin.com — Cisco Umbrella Rank: 5443	3 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4472 perf.hsforms.com — Cisco Umbrella Rank: 9551	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 857 in.hotjar.com — Cisco Umbrella Rank: 1592	64 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 332 c.bing.com — Cisco Umbrella Rank: 239	12 KB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1730 vimeo.com — Cisco Umbrella Rank: 1608	17 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	511 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	201 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	57 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 590	504 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 254	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 355	736 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 293	522 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	2 KB
2	dca0.com s.dca0.com — Cisco Umbrella Rank: 3961 11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1082	16 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 30185	4 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 169	2 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 6360	3 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 320	15 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 316	274 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 722	445 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 726	221 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 481	548 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 695	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 270	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 6151	548 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4117	87 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5021	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2025	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2039	16 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5069	26 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 7683	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2190	1020 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 828	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6523	144 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	64 KB
232	48

	Domain	Requested by
74	149360532.v2.pressablecdn.com	fraud.net
27	fraud.net	fraud.net 149360532.v2.pressablecdn.com
17	d.adroll.com	13 redirects s.adroll.com fraud.net
13	s.adroll.com	2 redirects www.googletagmanager.com fraud.net s.adroll.com d.adroll.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	fraud.net js.hsforms.net www.gstatic.com
7	fonts.gstatic.com	fraud.net
5	static.hsappstatic.net	app.hubspot.com
4	api.hubspot.com	js.usemessages.com static.hsappstatic.net app.hubspot.com
3	f.clarity.ms	bat.bing.com f.clarity.ms
3	f.vimeocdn.com	player.vimeo.com
3	www.facebook.com	fraud.net
3	q.stripe.com	fraud.net
3	forms.hsforms.com	js.hsforms.net fraud.net
3	connect.facebook.net	fraud.net connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	js.stripe.com	fraud.net js.stripe.com
3	player.vimeo.com	fraud.net
2	bam.nr-data.net	app.hubspot.com
2	track.hubspot.com
2	ib.adnxs.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	eb2.3lift.com	1 redirects fraud.net
2	pixel.advertising.com	1 redirects fraud.net
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	c.clarity.ms	1 redirects fraud.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	i.vimeocdn.com	player.vimeo.com
2	device.fraud.net	media.fraud.net
2	secure.gaug.es	fraud.net
2	px.ads.linkedin.com	2 redirects
1	cdn2.hubspot.net
1	js-agent.newrelic.com	app.hubspot.com
1	cm.g.doubleclick.net	1 redirects
1	us-u.openx.net	fraud.net
1	ads.yahoo.com	fraud.net
1	sync.taboola.com	fraud.net
1	simage2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com	s.dca0.com
1	m.stripe.com	m.stripe.network
1	app.hubspot.com	js.usemessages.com
1	perf.hsforms.com	fraud.net
1	s.dca0.com	s.adroll.com
1	in.hotjar.com	script.hotjar.com
1	vimeo.com	f.vimeocdn.com
1	c.bing.com	1 redirects
1	www.google.de	fraud.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	fraud.net
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	fraud.net
1	www.googletagmanager.com	fraud.net
232	70

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.fraud.net Amazon	`2021-10-11` - `2022-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-01-17`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-17`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2021-12-16` - `2022-03-16`	3 months	crt.sh
dca0.com Amazon	`2021-09-13` - `2022-10-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
*.z1.dca0.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://fraud.net/
Frame ID: E2CE2AC5F5B864417F9027DF082C26B9
Requests: 187 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: 66230146AFBA8F50FA1CA3320897B71E
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html
Frame ID: 5255150EE962755EF6E95B4D92696C93
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 96CAE18702CD303E000BA31059258193
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CD344A69FD33893B556F9B3756B60A6B
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&badge=inline&cb=2t604gtff5v0
Frame ID: EBA99D56EDA2ADF284BDCAD68EB46375
Requests: 4 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: B5322A33B43A60643508FD8D78E25CDB
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 01D21B16D6DFDAACDBA3080A1FA99EFF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 2FD294601C0F136EDB4B587EDAA66718
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fraud.net | AI Fraud Detection and Prevention for Enterprises

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

232
Requests

93 %
HTTPS

43 %
IPv6

48
Domains

70
Subdomains

62
IPs

5
Countries

5556 kB
Transfer

12358 kB
Size

75
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1641797416652%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQKGQO4P_wAysQAAAX5CwHiHmPuys8McDRs13B2XpSOOMxfAXoTwORMlpHVaayDTpiPXHnuPQQ

Request Chain 123

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 124

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 153

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&RedC=c.clarity.ms&MXFR=11DEAAFB6639622C0DB8BBD362396CA2 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&MUID=1FD0E000915961C001F8F128908B60ED

Request Chain 168

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=82154171122.43019&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 188

https://d.adroll.com/cm/index/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417&C=1

Request Chain 189

https://d.adroll.com/cm/n/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expires=365

Request Chain 190

https://d.adroll.com/cm/onevideo/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 191

https://d.adroll.com/cm/outbrain/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

Request Chain 192

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 193

https://d.adroll.com/cm/taboola/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

Request Chain 194

https://d.adroll.com/cm/triplelift/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 195

https://d.adroll.com/cm/r/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 196

https://d.adroll.com/cm/b/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

Request Chain 197

https://d.adroll.com/cm/x/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

Request Chain 199

https://d.adroll.com/cm/o/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=7514432bd1fb8b507f00aee0fe06c33b

Request Chain 200

https://d.adroll.com/cm/g/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=dRRDK9H7i1B_AK7g_gbDOw HTTP 302
https://d.adroll.com/cm/g/in

232 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fraud.net/ 143 KB
23 KB 1225ms
1197ms Document
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4e1e38de7c0dba99b8bdc8d2f018a01de1eb11f76ee09f29ca860e472d845592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 10 Jan 2022 06:50:15 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Pressable
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-credentials: false
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink
content-encoding: br
x-ac: 4.ams _atomic_ams

GET
H2 200 1641558570-css80e66bc6923a9831599ff5e9787d413655ff9aa61af9abfedbad13a0ae3db.css
fraud.net/wp-content/cache/fvm/min/ 79 KB
11 KB 117ms
116ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css80e66bc6923a9831599ff5e9787d413655ff9aa61af9abfedbad13a0ae3db.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc5643794fd698330f5773e0a07119b91e1b493f688e865b0f8b82eb69efcb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-13b14"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css
fraud.net/wp-content/cache/fvm/min/ 5 KB
745 B 115ms
113ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1fc8f7ecbe0e498fcad93065be830a33fc09dd1d28f96cee6e77c6d3647f1601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-142d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css7304cbf85f786c1fcfc76bc77dd16d47fc024e9c9688a6f0f1bdecfad2f96.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1 KB 116ms
114ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css7304cbf85f786c1fcfc76bc77dd16d47fc024e9c9688a6f0f1bdecfad2f96.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2fe655c898388b97cdfed98b7fb9dfc89e2235224189821fdf747cbdb4b150db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-1ca2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-csse2a6d63940d3c4f4917a62f1726021b441fc6f6158b35be4162aa5c2dfdae.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1015 B 124ms
122ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-csse2a6d63940d3c4f4917a62f1726021b441fc6f6158b35be4162aa5c2dfdae.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e155502c2591053a9bebb7d642781a48c66c1193d32f3b6814c7fb7b6a28c590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-1c97"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css1b8fc2bd4f28dbb76a5fc15761db6d8ad5a4b10444da1509d8fe509f3a7e8.css
fraud.net/wp-content/cache/fvm/min/ 4 KB
720 B 116ms
113ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css1b8fc2bd4f28dbb76a5fc15761db6d8ad5a4b10444da1509d8fe509f3a7e8.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da9d386dd83051678ba4c5268c783452f5ee3ff99c0eb7fe0e5036419bf33a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-ecc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css1f6fd4febedc74a599651b784c5d6d50c5347404d78770b5c96fbfb27443b.css
fraud.net/wp-content/cache/fvm/min/ 1 KB
573 B 213ms
211ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css1f6fd4febedc74a599651b784c5d6d50c5347404d78770b5c96fbfb27443b.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a5ef3ae7cd5711ecc0d6ef6f218e5f48239431e0d2053fa6b096a111cef2264e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-43b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
3 KB 130ms
128ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9376a04b152f80647751262ccecde76737c5b493ab478cbd5b05e3735770a137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-4147"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-cssc8b884a22868422a6908b100f30f49141c7738062f11471556b60b5a15483.css
fraud.net/wp-content/cache/fvm/min/ 4 KB
918 B 122ms
120ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-cssc8b884a22868422a6908b100f30f49141c7738062f11471556b60b5a15483.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e1b75b9eee6808698b9f632964effaffd1b3fd6d6cff0cedf5f8f45bd9bbb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:52 GMT
server: nginx
etag: W/"61d8327c-1136"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css
fraud.net/wp-content/cache/fvm/min/ 490 KB
69 KB 142ms
140ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c7b80158a47189a1ac736799d5bc0b93a6bc23b56bc793eaa48043a100698d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:54 GMT
server: nginx
etag: W/"61d8327e-7a6e2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css
fraud.net/wp-content/cache/fvm/min/ 60 KB
12 KB 120ms
118ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:54 GMT
server: nginx
etag: W/"61d8327e-f0cf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css
fraud.net/wp-content/cache/fvm/min/ 246 KB
24 KB 153ms
151ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c84cc10b06050e18543d073c0b24fb8cbd32fb4d663e7a0983430f81b4d65296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:55 GMT
server: nginx
etag: W/"61d8327f-3d8e1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1641558570-csscf67ed279bb47f20cc1b10da50bd2cf1f3e511f31ff69eba83e6cac23a322.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
5 KB 131ms
129ms Stylesheet
text/css 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1641558570-csscf67ed279bb47f20cc1b10da50bd2cf1f3e511f31ff69eba83e6cac23a322.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

580c9a8aca41bf9933253374d42859fa356c75e12381dbe75cfabe1e9b6941d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 07 Jan 2022 12:30:55 GMT
server: nginx
etag: W/"61d8327f-40f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 87 KB
31 KB 31ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 11 KB
4 KB 31ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
1 KB 130ms
129ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
etag: W/"61aa133a-e27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 4.ams _atomic_ams
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 114 KB
25 KB 31ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5c7b4ae3317862b3a5428b50ef2b1db2ac54c9eafc9aa7757f1b51c5e302bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 19ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
2 KB 19ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1280px-Gartner_logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 137ms
132ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: EXPIRED hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:20 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png>; rel="canonical"
content-length: 2561
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 134ms
129ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: EXPIRED hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 18ms
14ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 18ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 124ms
120ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: EXPIRED hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 130ms
125ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: EXPIRED hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 18ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
64 KB 65ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e781090bce70f22acc68b9d10929c504c0c56b4440b8fc185956941c9b4eafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64631
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 06:50:16 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 20 KB
7 KB 43ms
13ms Script
application/javascript 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81d1eeb980b09409744568d2ed3ca7ff1ee763d6aeb9dc6c66bc845dd3d3bb96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1028
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-b-3
Content-Length: 5996
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4041-HHN
X-Player-Backend: p
Expires: Mon, 10 Jan 2022 07:03:08 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1641797416.226438,VS0,VE0
Date: Mon, 10 Jan 2022 06:50:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 1842

GET
H2 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 18ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 18ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 23ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 24ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 24ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 24ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
511 B 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 fc_logo_black.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/fc_logo_black.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78db323b8f312a012fdf5334e519215a80f6fce268f6402cf24c71deeacecc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:39 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/fc_logo_black.png>; rel="canonical"
content-length: 3529
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 download.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1c2a6b17b7269caec4d6d7243cb0c1eaca335d4e50c01611955f6b7df5b6946e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:43 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download.png>; rel="canonical"
content-length: 2146
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Best-ROI-Fall-2021-uai-258x335.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Best-ROI-Fall-2021-uai-258x335.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d00d4b4807a747b899bb0285ba0de2861d84d91cf0083302f5a61ed22b040630

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Best-ROI-Fall-2021-uai-258x335.png>; rel="canonical"
content-length: 17047
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Group-450.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-450.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

203328f6942da243b123abfc41902926c35cf46924598e8d8541461162334131

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:46 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-450.png>; rel="canonical"
content-length: 4263
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Group-452.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-452.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c93bdee62de8340babd9a01dfdfe0e88172993b7f5dcd247f1d796f214226cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:49 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-452.png>; rel="canonical"
content-length: 3037
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 MicrosoftTeams-image-3-1.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 25ms
22ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-3-1.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f11407450582f04c771643bb680467814bc6ac5cb0627ae3f9b5de0d8c5fa835

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:50 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-3-1.png>; rel="canonical"
content-length: 4139
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 25ms
22ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 MicrosoftTeams-image-e1639171557390-uai-258x151.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 18 KB
18 KB 25ms
22ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1639171557390-uai-258x151.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50f30f17edf34c786da5768216ee9290c0a77ac00fcff05a11f79ab514bef17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 10 Dec 2021 21:26:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1639171557390-uai-258x151.png>; rel="canonical"
content-length: 18076
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 G2-Fall-2021-High-Performer-uai-258x335.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 16 KB
16 KB 25ms
22ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/G2-Fall-2021-High-Performer-uai-258x335.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2111b138a2eb8e110c396e6b154d289891f1f6d978ab5315a4807ad4e9a45adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/G2-Fall-2021-High-Performer-uai-258x335.png>; rel="canonical"
content-length: 16615
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 565 KB
144 KB 93ms
36ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 04:47:31 UTC
server: cloudflare
etag: W/"49987de4bcbe452bcfd1007cc2d781f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IomjT%2BZ6p7r7XNHEyliOB80mk%2FU4AbfNPb5yXkizi6ruHs0tPQAWzZLtYgXxHPKEqx2KyC3HcWOSgKocD1rdLn3yc9ruv5OMtzg%2FdUCPD6X77CVO7wztr6VMWegJ6BEgPdqhtXBpuKINmwD"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IVTpif2flqawbiKKXO54iMstAlvYfdsT
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6cb3f85bc9f083a0-MXP
x-amz-cf-id: pJYYKa2W51Q8C_iQvVPD9nRW8Ay7RUwAqsq1WNDkBqZvU42J7yFGnA==
x-hs-target-asset: FormsNext/static-5.432/bundles/project_with_deps.js

GET
H2 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
10 KB 13ms
5ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 1 KB
738 B 15ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 270 KB
65 KB 71ms
9ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d859f7e02c2cc2d708a00728582934623d9af3c79b06e6441e1360244134eedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: HIT
content-length: 66315
etag: "5882a81360213d849f9a631bfb8b30ff"
x-request-id: 7372090a-5103-4f8a-bdbb-34a2d272577e
x-served-by: cache-hhn4047-HHN
access-control-allow-origin: *
last-modified: Fri, 07 Jan 2022 17:34:58 GMT
server: Fastly
date: Mon, 10 Jan 2022 06:50:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 accounting.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/vendor/ 3 KB
1 KB 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/vendor/accounting.min.js?ver=4.4.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:33:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/vendor/accounting.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public-shared.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/ 2 KB
1 KB 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/simpay-public-shared.min.js?ver=4.4.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

042743ebddf738d0ff8c888fbdc7412f96323661d5a5c0d9784c445601f9863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:33:17 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/simpay-public-shared.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 19 KB
8 KB 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 19:33:19 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/underscore.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-util.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 1 KB
796 B 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/wp-util.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/wp-util.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 backbone.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 23 KB
8 KB 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/backbone.min.js?ver=1.4.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/backbone.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api-request.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 1 KB
673 B 15ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/api-request.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/api-request.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-api.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 14 KB
4 KB 16ms
8ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/wp-api.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bdd9517fdb9df0b1631029d96536adb3a35cbdef273de0e877411c47af444f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/wp-api.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 regenerator-runtime.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 16ms
8ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 18ms
10ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/vendor/wp-polyfill.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dom-ready.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/ 1 KB
693 B 18ms
11ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/dom-ready.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hooks.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/ 5 KB
2 KB 18ms
11ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/hooks.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/ 10 KB
4 KB 18ms
11ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/i18n.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a11y.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/dist/ 3 KB
1 KB 18ms
11ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/dist/a11y.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/ 39 KB
11 KB 18ms
11ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/simpay-public.min.js?ver=4.4.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d78cfa26ca35c024abf3d952072abeb210d76b2616c23c0892db3f92459911ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:33:17 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/simpay-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:54:00 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
1 KB 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:32:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 154 KB
38 KB 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 1 KB
621 B 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 906 B
566 B 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/wp-mediaelement.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 578 KB
160 KB 18ms
12ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 175 KB
39 KB 18ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c4976fe73a786bf224661d57dae28bea5e373d6c2fc8135bdcf51c28f16498b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
605 B 18ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.16.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 1 KB
793 B 18ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/wp-embed.min.js?ver=8cbf36e5ff3f91a20a87bac1e7d0e980

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/wp-embed.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff
fonts.gstatic.com/s/opensans/v27/ 69 KB
70 KB 45ms
8ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba6dbe51aa50e86bff89758bbb0ecb484c2235751b930fbb38ed2bffbc1f24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:02:06 GMT
x-content-type-options: nosniff
age: 492490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70612
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:02:06 GMT

GET
H2 200 uncode-icons.woff
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 373 KB
374 KB 33ms
9ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1641558570-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff>; rel="canonical"
content-length: 382184
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff
fonts.gstatic.com/s/opensans/v27/ 69 KB
69 KB 58ms
21ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e761ea811732b6541a82b3fb15bb5c977a7f16037cae812cc356dd634c2a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:34:25 GMT
x-content-type-options: nosniff
age: 551751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70772
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:34:25 GMT

GET
H2 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff
fonts.gstatic.com/s/opensans/v27/ 69 KB
69 KB 26ms
26ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d33e109a17c6e6a247120f83770a57802f39f7805cddf6c0cd43ceec7947a21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:34:11 GMT
x-content-type-options: nosniff
age: 339365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70492
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 06 Jan 2023 08:34:11 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
358 B 889ms
888ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bf0ba161b0a2ce0c596d6c8a0a2aa4266ee53609f9eb4aa14837faaef0927940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
465 B 1042ms
1041ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

43a1613a216990a619a6c8969185aec5a3774f87fbd1492d7a3c73a4002712ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff
fonts.gstatic.com/s/opensans/v27/ 67 KB
67 KB 8ms
8ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1641558570-css2426629b2cfb90ac2df568b333c9ae2d96c34d3cd2f04f14388292b25362c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

712c8dce4daa05238ba7b09298254148fe8c2e29228766bf995026b4b43b3651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:47:55 GMT
x-content-type-options: nosniff
age: 234141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68632
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:47:55 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
232 B 923ms
922ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ec1775536ad468cd80edb990378e706070487a5e5f417e41e9f2d81c2909556a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H/1.1 200
OK 235637953 Show response
player.vimeo.com/video/ Frame 6623 15 KB
8 KB 392ms
392ms Document
text/html 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eeccbabdea759985739ac88f0612fd1c85428e431b13fd9d2d7a8f96ee128a40

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

Connection: keep-alive
Content-Length: 5095
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-b-2
X-Vimeo-DC: ge
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Mon, 10 Jan 2022 06:50:16 GMT
Age: 0
X-Served-By: cache-hhn4041-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1641797416.427909,VS0,VE386
Vary: Accept-Encoding
X-Player-Backend: p

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
361 B 857ms
857ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ad30c1cf8e54f447b72596dc7cec0147c0b6311e641821ee547a14af3e66d28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
231 B 891ms
890ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b0b68a40558e4971870d6940bf862495d8f91ab85bf4ca6f4980843ee9576d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 9ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4522
date: Mon, 10 Jan 2022 05:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 07:34:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 43ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14724
x-xss-protection: 0
server: cafe
etag: 224124413464385116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 06:50:16 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 60ms
14ms Script
application/x-javascript 2a02:26f0:6c00::210:ba18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 06:50:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21180
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 51ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4A23B48C18D435F81CF65D4CDA18EF7 Ref B: FRAEDGE1310 Ref C: 2022-01-10T06:50:16Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 4 KB
2 KB 29ms
10ms Script
application/javascript 13.225.80.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-89.fra2.r.cloudfront.net

Software

Resource Hash

b572ec51d977e38e78d948a9b1a499d8bcb83f4136367521cf300fce6792f336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1883
access-control-allow-origin: *
cache-control: max-age=60
etag: W/09ba9484f5854f953975256190999128
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: poujmaEEcWezfeftcVaLVZumGwfWmBpssd89_1feW57OWZbLf2ng8A==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 46 KB
15 KB 61ms
9ms Script
text/javascript 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e81f9d6c3f99d1c13a914817101b1d502d3ab8d2f0a8366dda70ed2c25c6d8f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: aWJR4L14W5zuRw5oEsrchczvOFxNdBZA
Content-Encoding: gzip
Etag: W/"374c7836571c698762528c008f16ff7f"
Age: 809
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Jan 2022 18:54:48 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:36:52 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yLWhuqauCyZEb9V9mDqrWAF49eEgmSFlc_PNdrQnsy0Q2p3CYYqKeQ==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
1020 B 201ms
152ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2113031.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5363389926619cf4ade2dda6f1fad90d76496d009d51ba499ae929d7e0e50a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: ac435581-b48e-4e67-9fc7-52468018ef6f
last-modified: Sun, 09 Jan 2022 18:29:50 GMT
server: cloudflare
x-trace: 2B301912C492DAAF9AE3285D620207510D9B45EC62000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6cb3f85d7a110f52-MXP
expires: Mon, 10 Jan 2022 06:51:16 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 60ms
14ms Script
application/javascript 13.224.193.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-127.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control: max-age=300, no-transform, public
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: O8WaVgY7-j7pnmgAWzo6_b4qUzRhXWF-HLQksSlZqWo4nSQX3X8U2w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c071beeceabb4754bb3115c3079457ba43d83d4137ed1097b282544e90866845

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26667
x-xss-protection: 0
pragma: public
x-fb-debug: nk+1NtUmKaUwM3od5Nfp3qLBAg6NnJjOxUG5ogFYppbkQ6e+jjlq5RGebOo6vA/J1WsjAdDEiSzqtdfJaWJxBQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 10 Jan 2022 06:50:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 1 KB
1 KB 201ms
174ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bb3e171bc5d8ff22e18f447e7574678daec73cc1a0e04940a055580295bc9ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6cb3f85d49522c56-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
expires: Mon, 17 Jan 2022 06:50:16 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
239 B 959ms
958ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9127552b155071e4a28d3006c9ddf212df99dac2a1042ad9a226c28002d8d4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
259 B 849ms
849ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b02717518ca02258b2e6f6420745033c2ce3202694783fc08861a37b43d4e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
233 B 964ms
964ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0990ab76e0b0b56703fddd6a5ff8d7a0fd346cc39daa893b7690751bf449fb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
232 B 955ms
955ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

75303914ac67157fa5b828cae7b782b84da5734f33fde9fdb163613c368f89a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
expires: Mon, 17 Jan 2022 06:50:16 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
466 B 953ms
953ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d869d1f8a92019c18d9844d7b102c1710caf1776ccb360b2e1ab71a2554a1a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 282 B
244 B 915ms
914ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fc09f7bc556c6c39c27d4e416e2ef674150fb7e4387b2f8edd4885794f1c29ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H2 200 modules.2cec256bd961a22ae708.js Show response
script.hotjar.com/ 227 KB
60 KB 25ms
8ms Script
application/javascript 13.224.193.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2cec256bd961a22ae708.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-121.fra2.r.cloudfront.net

Software

Resource Hash

ea2f014468a380dc5df1c1d3d7cf09a9202ac27b502b2e4c35d3c8b92a0d5dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 16:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311230
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60962
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 16:22:19 GMT
etag: "fec35cd2e9a39968eda98ed1f6a8493e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uIqoUOVsezD3JcgycetpGk01zzhQB4VMXhcRKIFuWN-lRF-wV5WZzw==

GET
H2 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 7ms
7ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:16 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
expires: Mon, 17 Jan 2022 06:50:16 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 97 KB
37 KB 33ms
18ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PGJR3MN&t=gtm4&cid=1061495219.1641797417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d91e64b56363e060206c692f026f1bbca8a92ac351033b8085d6292f1627e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38336
x-xss-protection: 0
expires: Mon, 10 Jan 2022 06:50:16 GMT

GET
H3 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 64ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=next&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

961c5ca2275ba5b14cc932fcdcd7936c29a42da99f25a09f626cf511d8f58193

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: FOF0tFct0r9wlk5y4LwXnLbsGL4YJYLPzwCeKwHYemHSuCTLPXvP+Z66AiAy/6IvdE8RQ/KQuiUTkTFY3e006w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 06:50:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 2 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1641797416605&cv=9&fst=1641797416605&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f5e4bb4a9f2e6924a3092c4f7e40524b22c31575a38dbbbed2b25b56f6d68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e7da54a7-2f38-4f6a-9f57-178fe485ef3c Show response
forms.hsforms.com/embed/v3/form/2113031/ 4 KB
2 KB 182ms
135ms Script
application/javascript 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7da0b6a7d383ffe63de53bea69cc7a1239ae8f4c2c9e43431eedcca5cd585074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 9091d79c-3f43-4cb8-919c-4728f170dcca
cf-ray: 6cb3f85e681a3749-MXP
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B54C8D1B4BCDA25386F0BE7923336778F724948AF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
253 B 864ms
864ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7484caa5b2b7861e7425f4ee65a91b814b1fa699c56cbfd0d787e2622631cf11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1641797416652%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQKGQO4P_wAysQAAAX5CwHiHmPuys8McDRs13B2XpSOOMxfAXoTwORMlpHVaayDTpiPXH...

0
155 B

330ms
126ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQKGQO4P_wAysQAAAX5CwHiHmPuys8McDRs13B2XpSOOMxfAXoTwORMlpHVaayDTpiPXHnuPQQ
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: oO/sew3WyBYgw0Xd2ioAAA==

Redirect headers

date: Mon, 10 Jan 2022 06:50:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B0AEF9F38B2E4DAFB5A8399493568DF6 Ref B: FRAEDGE1109 Ref C: 2022-01-10T06:50:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1641797416652&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQKGQO4P_wAysQAAAX5CwHiHmPuys8McDRs13B2XpSOOMxfAXoTwORMlpHVaayDTpiPXHnuPQQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXVNL/Wl35gMXERxsaCxg==

GET
H2 200 / Show response
fraud.net/wp-json/wp/v2/ 164 KB
8 KB 142ms
142ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-json/wp/v2/

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

33d5e69839694f93e8b2837ccc78240af393ea4f5060e1597daf67e2b8567ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nananana: Batcache-Hit
strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
last-modified: Mon, 10 Jan 2022 06:45:23 GMT
server: nginx
date: Mon, 10 Jan 2022 06:50:16 GMT
vary: Accept-Encoding, Cookie, Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=7, must-revalidate
access-control-allow-credentials: false
x-ac: 4.ams _atomic_ams
x-robots-tag: noindex
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/"

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 405ms
97ms Script
application/javascript 54.172.53.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.53.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-53-5.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 06:50:17 GMT
Last-Modified: Wed, 15 Dec 2021 05:45:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61b9810d-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html Show response
js.stripe.com/v3/ Frame 5255 240 B
514 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f5b3f1b9deff0b138c2506741a71c40f93ac85a02d45f017eac6fb92b3ff5b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

last-modified: Thu, 23 Dec 2021 18:50:06 GMT
etag: "fd3c67f2efa9f22f2ecd16b13f2a7fb3"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 varnish
age: 35
x-request-id: c28da035-f01a-446b-9858-cebef1fc0730
x-served-by: cache-hhn4047-HHN
x-cache: HIT
x-cache-hits: 47
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 140

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js
https://s.adroll.com/j/exp/index.js

28 B
761 B

10ms
9ms

Script
application/javascript

2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 42073
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 01:30:38 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dRfoLQLz8XY_0nrbKWmKYj52kuLROrRpA6MgoBLy1AqGOqfO2eThKA==

Redirect headers

Date: Sun, 09 Jan 2022 07:29:11 GMT
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Age: 84065
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UojUSYXhe3RD4Cr_n8kwHwp7gNjOPeDB2Mb7T12vrPOPwO8qgpddpg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
732 B

8ms
8ms

Script
application/javascript

2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 66201
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 01:38:35 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fs1s4zeGkB89x5iP3MD18LGUzJkgyCZCo9TIZ2IIvIPFlRRfKH0JQg==

Redirect headers

Date: Sun, 09 Jan 2022 07:29:13 GMT
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Age: 84062
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ivhbod7--EgUEglrZJtZaCzEsq30KLLLMrlvGXPQ8IxdILP1jbdqEg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
783 B 31ms
16ms Script
text/javascript 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: jwit3WKDHC_wEtASyp0WCYWCsyAT4JUo
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 17
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 10 Jan 2022 00:21:37 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VVlEuUQmUXt3oY-hwK8_GN-wyMvebQwZWRxdvWHnH0UDzKRUevE83Q==

POST
H/1.1 204
No Content _csp
player.vimeo.com/ Frame 6623 0
888 B 154ms
153ms Other
text/html 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/_csp

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/video/235637953?
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: MISS
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Host: player-v947-szcrg
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4041-HHN
X-Vimeo-DC: ge
X-Player-Backend: p
Server: nginx
X-Timer: S1641797417.859179,VS0,VE147
Date: Mon, 10 Jan 2022 06:50:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=UTF-8
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 4000327.js Show response
bat.bing.com/p/action/ 683 B
737 B 160ms
159ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4000327.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 294c081f8e7d951821883538a40755fda7f328b0eeedd2633ce3511f8690cb28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66E5F5ADDC4140FDA983013B121E2C3D Ref B: FRAEDGE1310 Ref C: 2022-01-10T06:50:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 586

GET
H2 204 0
bat.bing.com/action/ 0
149 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=f3d71bb4-f1f2-4db0-b944-9d23fe749a10&sid=91c179e071e111ec8e9f9569c86b7308&vid=91c195d071e111ecb6fcc1eed51aa0ce&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&p=https%3A%2F%2Ffraud.net%2F&r=&lt=2094&evt=pageLoad&msclkid=N&sv=1&rn=196548
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DBBE9F74E1040C9A945498642285A80 Ref B: FRAEDGE1310 Ref C: 2022-01-10T06:50:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5255 0
347 B 489ms
158ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 0
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 96CA 2 KB
1 KB 26ms
7ms Document
text/html 13.224.193.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-91.fra2.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gh2MXBsDInAvmUMaM5GYCJvQQbbjCM6vsFmCggxNOm-d5Vl8kebrgg==
age: 3337030

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 82 KB
26 KB 70ms
32ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 349b149961d8d2361c29d4be4b5847f2.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 46551
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6caf87dd2fe25386-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6cb3f85fdf4be8eb-MXP
last-modified: Tue, 07 Dec 2021 01:47:22 UTC
server: cloudflare
etag: W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: fGGQpIe43e5CNyxRjkwpUOFs-qJ2DS98FMqDvHkoJskHbNsXd_nROg==
x-hs-target-asset: collected-forms-embed-js/static-1.260/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-banner.com/ 60 KB
16 KB 54ms
25ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8545132e3cb981a9964c4773891ee0e1b9c9eee72ca40f462f560350659e0f47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 18
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: VN6GA64Q3K378G07
x-amz-id-2: x/14PZtP0vVOSXkGs1qrDEZSEBwskPXs6rQm+wjHt04mtHWGmVtHirrE/5ZuOksPhzhEm72FQEI=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:33:30 GMT
server: cloudflare
etag: W/"c6647e2c475af6bc267046354ffa7130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 0hGZDI5oR1pywfmwaym.IUhzsddqfp06
access-control-allow-origin: https://fraud.net
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6cb3f85fcc765b3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 10 Jan 2022 06:54:58 GMT

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1641797400000/ 62 KB
20 KB 186ms
158ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1641797400000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6430c91bc6bd0be0fcd4c34882f762b4267625d738b0ad19c77ae5a20d368b3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: PW29NSMY9EQCN6K6
x-amz-server-side-encryption: AES256
cf-ray: 6cb3f85fbd368be7-FRA
x-amz-id-2: fhkjTGaDWHeactglNJBRwT0LxUPvQK6FEe88ISuwItXo+8bFF1cafUrjKPdHEKF1LOXna55Sx0Y=
last-modified: Mon, 19 Jul 2021 14:20:15 GMT
server: cloudflare
etag: W/"57624c3065379878b363a9b35b9fa184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 10 Jan 2022 06:55:17 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 78ms
30ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aa1a9367c26524b108fea96ec61c982bc0948904192959e26e8871479046551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 455
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9535/bundles/project.js&cfRay=6cb3ed3fa8ca59a7-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 07 Jan 2022 07:06:18 UTC
server: cloudflare
etag: W/"952a1e374efcf8d00457d0d23d58c968"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ll3fFO8ZaGn_KIEP5aa9gQO28br5bcxF
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 6cb3f85feb3a83be-MXP
x-amz-cf-id: 68yS7CcxivMrzy62E_zH1ketKokFMtUg3g1Au5tSNqT3_WA2wgheOg==
x-hs-target-asset: conversations-embed/static-1.9535/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 82ms
35ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 32797
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6cb0d7a8acb683b2-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6cb3f85fec0f59dd-MXP
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: a3ZpVPC6yEwAnKKOXHvvPcT9vxsTKbdtx8FyxXaj-wQbzPda93PQ5Q==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

OPTIONS
H2 200 tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0 319ms
97ms Preflight 52.70.137.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.137.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-137-221.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-length: 0
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7

POST
H2 200 tp2 Show response
device.fraud.net/com.snowplowanalytics.snowplow/ 2 B
331 B 294ms
98ms XHR
text/plain 52.70.137.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: media.fraud.net
URL: https://media.fraud.net/shield/js/v1/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.137.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-137-221.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 10 Jan 2022 06:50:17 GMT
access-control-allow-credentials: true
server: akka-http/10.2.7
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1641797416912&sw=1600&sh=1200&v=next&r=canary&ec=0&o=30&ttf=2181.5&tts=1865.3999996185303&ttse=2180.199998855591&fbp=fb.1.1641797416911.688582531&it=1641797416598&coo=false&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 10 Jan 2022 06:50:16 GMT

GET
H2 200 m-outer-35486fb0f96ff904df60da905ccd0cda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5255 1 KB
774 B 8ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-35486fb0f96ff904df60da905ccd0cda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 29
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: 5e65169d-57d6-4371-a04f-fc5a6b562c0f
x-served-by: cache-hhn4047-HHN
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
server: Fastly
date: Mon, 10 Jan 2022 06:50:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

GET
H2 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1641797416605&cv=9&fst=1641794400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=1381107556&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998743206/ 42 B
548 B 40ms
18ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998743206/?random=1641797416605&cv=9&fst=1641794400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg150&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=1381107556&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg
i.vimeocdn.com/video/ Frame 6623 2 KB
2 KB 35ms
7ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cb39bcc4746538b77cf5c6bae6378d52a1d81b240a9c39472439733871c04106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 840233
x-viewmaster-lossless-format: false
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1661
viewmaster-server: viewmaster-us-central1-469t
x-served-by: cache-dfw18657-DFW, cache-hhn4022-HHN
x-timer: S1641797417.972598,VS0,VE1
etag: ec9eb928a8e7f27b07d9960eb3beee91
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.48.2/js/ Frame 6623 699 KB
164 KB 40ms
8ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.48.2/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fd3b63d368fb079d73b139c458df9f915996bcab6489b9a071a18d74928acc22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 215924
x-guploader-uploadid: ADPycduz5oA5Y4QhuHHXO8nXbpiBCPd60WZ7w1F_TJc5ubYe41rXMTUxt9-3pYoxishX_DvQOF5rmroSwgpelFwX4Ng1pKc7Ig
x-cache: MISS, HIT
content-encoding: br
content-length: 167311
x-served-by: cache-iad-kcgs7200049-IAD, cache-hhn4034-HHN
last-modified: Fri, 07 Jan 2022 18:35:13 GMT
server: UploadServer
x-timer: S1641797417.979137,VS0,VE0
etag: "2a0278ca1d186eb9fd20b29dd10083e2"
vary: Accept-Encoding,x-http-method-override
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 58734

GET
H2 200 player.css
f.vimeocdn.com/p/3.48.2/css/ Frame 6623 198 KB
19 KB 38ms
6ms Stylesheet
text/css 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.48.2/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 93e7d369cf4bf71c225abafa2d0654fecd5e89c8fe0c187fc0ef903b0c3af222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 215925
x-guploader-uploadid: ADPycdvvt_TOzAxiGPBHBMIJ7ANoPPi-dhSk-7VKpyRWEcmiaHPBvOH0cbqVx5g0vnQTrWrRUAYjVmJ13dsiZZHGTT0
x-cache: MISS, HIT
content-encoding: br
content-length: 19518
x-served-by: cache-iad-kcgs7200163-IAD, cache-hhn4034-HHN
last-modified: Fri, 07 Jan 2022 18:35:15 GMT
server: UploadServer
x-timer: S1641797417.979064,VS0,VE0
etag: "75e1ad46dfd07a3d794f46eb0a3999d9"
vary: Accept-Encoding,x-http-method-override
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 196029

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 6623 3 KB
1 KB 39ms
8ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
age: 8812105
x-cache: HIT, HIT
content-length: 1238
x-served-by: cache-bwi5125-BWI, cache-hhn4034-HHN
last-modified: Thu, 30 Sep 2021 05:42:18 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1641797417.979176,VS0,VE0
etag: "a68-5cd2fe8e48280-gzip"
vary: Accept-Encoding,x-http-method-override
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Sun, 28 Sep 2031 07:01:52 GMT
x-vimeo-dc: ge
x-bapp-server: assets-v3244-jqhzs
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 2206380

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
805 B 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0acdd6c6111be4bb190ac9745cc3a4ecc1bcf1d2f5996c364ff295295e319226

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 613
x-xss-protection: 1; mode=block
expires: Mon, 10 Jan 2022 06:50:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=441995173&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1433610274&gjid=1589686238&cid=1061495219.1641797417&tid=UA-35675858-1&_gid=2008241038.1641797417&_r=1&gtm=2wg150WVZ4N9X&z=1568524176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 395 B
864 B 102ms
29ms Script
application/javascript 99.80.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?arrfrr=https%3A%2F%2Ffraud.net%2F&_s=1335a90b3d8ccb0174b4888616ef9ee7&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.81.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-81-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 28ee393ecddd1316769c14c464beecb0dec1450bbf93ee0ac7aca95a259b04de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CD34 932 B
2 KB 52ms
9ms Document
text/html 2600:9000:20eb:aa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-35486fb0f96ff904df60da905ccd0cda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Mon, 10 Jan 2022 06:48:17 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hq2wpBe-R4Oxj2p9Oeey3orbj-pgxE685wlbEa6fpSuEPaxDJYdlOg==
age: 120

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 190ms
167ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2113031&conversations-embed=static-1.9535&mobile=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&traceId=24a15c8a572247388b522f40e329cfe0

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9772b16e0768da02295daf252e53b482c9c054dfddf57037e4d683c8c136e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://fraud.net/

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5814cd65-135b-468c-92e0-297d3aaf15c0
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1431
server: cloudflare
x-trace: 2B8D91BA06ACA773FC25F26CC726587AA6BDBE3694000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvepOiyr87dYZOn%2FJmj%2Fmm7pl2kjhnGQWZBwSzZ13b7NM9fvCz0LfsyyjhthAfOyV7FevHlKEmGrGPolNlhOy8ffm9%2FIYWhHv0uW9BNmULW4kkEZzUxYV%2BO9mYnIfRA%2Fu%2Bo%2BK9EA8PHN%2B5%2B8HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6cb3f8620c5a59ad-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 183ms
134ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6cb3f861086f3745-MXP
access-control-allow-origin: https://fraud.net
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: c496f36d-2649-486a-abeb-bd1fb9212724
x-trace: 2B67FE66E2D0F5317F2D98F8DD6CCBA282512038FD000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7whIcJ0ZZ0avZbi3kBOlX0NJbSEAMCc5g5Ut59vAJiMZMfdXaUejZwgr4Oyx%2Bf1QQRWJ2zDPQbnAuNGG7QlkG6kK%2FeyK%2BmIFg9YpDDQ2uB0rWC2L71GkwfLRMQ8AosFtX1kLHMjZqFQHt11LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.31/ 52 KB
23 KB 289ms
92ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4000327.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&RedC=c.clarity.ms&MXFR=11DEAAFB6639622C0DB8BBD362396CA2
https://c.clarity.ms/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&MUID=1FD0E000915961C001F8F128908B60ED

42 B
391 B

30ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&MUID=1FD0E000915961C001F8F128908B60ED
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69C9DDF9B7844ED59E4BB43AC91EB3C7 Ref B: FRAEDGE1310 Ref C: 2022-01-10T06:50:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=ADC2EFD60A2640AB95013D364EA5FAC6&MUID=1FD0E000915961C001F8F128908B60ED
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CD34 0
120 B 225ms
158ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame CD34 0
120 B 225ms
159ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
676 B 152ms
141ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d73e4d3d-528b-42d7-addf-677a46bfc8e2
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d1mk2pr%2FvIuryMTqcjB9XKth%2Bs2rVH1EPvl6Z8FUnTqFudFdNM6aCpO3L6jluKv7goIAYh4%2B6v8zRYg25zVF5qByAig3sNHBjXQYduuIcMMkag%2FzeSrUaBKXvlIjq6Na8JpgSbV1oeIb7l2ii1k"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6cb3f86138aa3745-MXP
access-control-allow-headers: *

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ 352 KB
140 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 18:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 18:25:52 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 6623 0
799 B 163ms
124ms Ping
text/plain 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=0db8901ea5a6d707ea70e940122da37c5104eeff1641797416

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-iad-kiad7000176-IAD, cache-cdg20752-CDG
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1641797417.181696,VS0,VE109
X-Frame-Options: sameorigin
Date: Mon, 10 Jan 2022 06:50:17 GMT
Vary: User-Agent
Expires: Sun, 09 Jan 2022 18:50:17 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v18922-qnncx
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 6623 0
110 B 126ms
104ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.48.2/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 6623 27 KB
27 KB 17ms
16ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 21c7dc1c2db40284c640890ee1fbe06389610827e8d5fc5a90be00199485cba6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1743806
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 27283
viewmaster-server: viewmaster-us-central1-c1nz
x-served-by: cache-dfw18639-DFW, cache-hhn4022-HHN
x-timer: S1641797417.210677,VS0,VE1
etag: b1622480d09dc92e2ec5b059cfbe2ef2
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 6623 0
40 B 121ms
107ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0db8901ea5a6d707ea70e940122da37c5104eeff1641797416
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.48.2/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
expires: Mon, 17 Jan 2022 06:50:17 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2001329/ 146 B
321 B 105ms
36ms XHR
application/json 52.17.53.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2001329/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.2cec256bd961a22ae708.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.53.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-53-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 8ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
495 B 181ms
158ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: f231f0b0-625e-44cb-8519-96b9213e9220
x-trace: 2BA764C7710F53D84489626368FF317CFE8D683621000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb3f862b9ce83ae-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame CD34 85 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:20eb:aa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 228
x-cache: Hit from cloudfront
date: Mon, 10 Jan 2022 06:46:40 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: T53FfpiHBWtMjOj8tHWLzYCcH8NsgXHbB24oggYpcVOIl8eLKJGA2Q==

GET
H2 200 ctx.v1.1.min.js Show response
s.dca0.com/ 6 KB
2 KB 48ms
10ms Script
application/javascript 13.225.80.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-119.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 16:48:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"1ef4dd0ba87baa7e952ed9b8e839b84e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-id: hYN0yrom1QLxhkgT4YhK4goN648KuL-zgVSyjtO-JyoMwIa-8RuvMg==

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=82154171122.43019&cookie=&adr...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

5 KB
2 KB

12ms
12ms

Script
text/javascript

2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8409097810be7150a9e804cfc8e430a219a60d28afc5ae443ec992c320540d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: oa1FzQjeu3VuDDAjc8pW4PZuLPXcCIvn
Content-Encoding: gzip
Etag: W/"53491973916f3f557000134edf135605"
Age: 18
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Aug 2021 19:59:50 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: M5TrM9655sZPmsV9Vdvw3O8x_t277uv0151cBBxqTNCRxuKnflYiFQ==

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *fraud.net/*
date: Mon, 10 Jan 2022 06:50:17 GMT
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: FN Homepage
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
content-length: 0
x-conversion-currency

GET
H2 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 10ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 104ms
104ms Image
image/gif 54.172.53.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1641797417381

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.53.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-53-5.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 06:50:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Jan 2022 06:50:17 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
191 KB 8ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame EBA9 40 KB
20 KB 41ms
23ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&badge=inline&cb=2t604gtff5v0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b633d904db4f65f682d956f679c7df93f034e6d06d654cf1fd733bd15fb1c1e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VS3442LWd2/8gI4TF8IkXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Jan 2022 06:50:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-VS3442LWd2/8gI4TF8IkXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20896
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
239 B 145ms
144ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=2113031

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 0658b4f5-49a6-46b7-9df2-edb360f1f07e
cf-ray: 6cb3f862ecf73749-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
last-modified: Mon, 10 Jan 2022 06:50:17 GMT
server: cloudflare
x-trace: 2B3B54FA732FB44AA6231FC681CBBB09D78A5D7789000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
460 B 147ms
147ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 89c84fb3-57f3-4eba-b6a9-198c816f50d9
x-trace: 2B6E6D380CC9733B9B83C9EC47BF67CE7C7D8E10D6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb3f8637b1a83ae-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 24a15c8a572247388b522f40e329cfe0 Show response
app.hubspot.com/conversations-visitor/2113031/threads/utk/ Frame B532 45 KB
17 KB 217ms
170ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5bf6606879f5989c3741d12fb53dde2ce79eb61b90013b8f9b80f32b3e6242c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-type: text/html; charset=utf-8
cf-ray: 6cb3f863c8e70f6e-MXP
age: 1260
cache-control: max-age=600
etag: W/"154e4d6b2851789445425e4debdd40e7"
last-modified: Fri, 07 Jan 2022 07:06:18 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src data: 'self' www.hubspot.com *.hs-analytics.net *.hsappstatic.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagmanager.com *.google-analytics.com static.hotjar.com script.hotjar.com *.fullstory.com fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com s.yimg.jp www.redditstatic.com 'unsafe-inline' 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.11994/html/index.html&cfRay=6cb3f863c8e70f6e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2113031%2Fthreads%2Futk%2F24a15c8a572247388b522f40e329cfe0%3Fuuid%3D19be3e1fdbdc40dbaf6f52a50c2881c1%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dfraud.net%26inApp53%3Dfalse%26messagesUtk%3D24a15c8a572247388b522f40e329cfe0%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Ffraud.net%2F&cfenv=prod&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: 0QMIDbogD8_MiN-jSrBPtL2jlB1OBUwnTfTKeyjstzTnlpNvut5nbw==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: .TtPAaY_t0loLyaEMC2OS2phFOOTddQt
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H2 200 Group-2851@2x-uai-2064x645.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 500 KB
501 KB 14ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:15 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical"
content-length: 512361
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H2 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
265 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
expires: Mon, 17 Jan 2022 06:50:17 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 01D2 0
17 B 18ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://fraud.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

content-type: text/plain
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 10 Jan 2022 06:50:17 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame CD34 156 B
522 B 478ms
159ms XHR
application/json 34.211.243.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-243-235.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9ab240edb0085d34e4690568134340865bea04f2a9a84fa6ec952ef1ed83205d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 fraud-dot-net-background-dots-bottom-sm.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 45 KB
45 KB 7ms
6ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Jan 2022 06:50:17 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 11:05:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg>; rel="canonical"
content-length: 45696
expires: Mon, 17 Jan 2022 06:50:17 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame EBA9 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&badge=inline&cb=2t604gtff5v0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24158
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 04 Jan 2023 17:13:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame EBA9 352 KB
139 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 18:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 18:25:52 GMT

GET
H2 200 cluster-id Show response
11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com/api/ 15 B
115 B 736ms
157ms XHR
text/plain 44.240.107.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com/api/cluster-id?uid=c3b40e1f-05ba-688d-17cc-8222705ced1f
Requested by: Host: s.dca0.com
URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.107.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-107-9.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7f7abd8586836be0bc4589b65f90c593b3585d3f4c81c8b573fcd37fbc3d0a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Jan 2022 06:50:18 GMT
content-length: 15
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 11ms
11ms Script
application/javascript 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=82154171122.43019&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:17 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cJiB9LUEbo5tD-O1uMLHvfmMLGklNXt84fnMCY9tmgSqvAMkJ2ZDlg==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 8ms
8ms Script
text/javascript 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=82154171122.43019&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: DLOa5tGCke52IWxtoULDgOXUT1UyTr6F
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
Age: 1568
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Dec 2021 22:53:06 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:25:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fC3R00CFn3A1r-XbRMP_nD-vrkxFNlyFn9-b90HIs1wpOBNf4h-A1A==

GET
H3 200 411617989444864 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 56ms
56ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411617989444864?v=next&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d102cf18d379c071517dead5a8965835fb77b16016c28022363c9832e4b71bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: mqG2475tbdhku/wleBoLZ2fy0t9jQnS5z8pir+nSAILqQXHKuhpkZoxEbA0pMrySm6XuVLlBpoA0jSceTKbRYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 06:50:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417&C=1

43 B
1 KB

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 06:50:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 10 Jan 2022 06:50:17 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 06:50:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expiration=1673333417&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 10 Jan 2022 06:50:17 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expires=365

0
239 B

33ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&expires=365
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
124 B

9ms
8ms

Image
text/plain

18.157.252.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

18.157.252.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-252-145.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Mon, 10 Jan 2022 06:50:17 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

0
477 B

346ms
88ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 06:50:17 GMT
Cache-Control: no-cache
X-TraceId: 1cc9d32dc4a381efaa2c3e05da2f2064
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
548 B

56ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:609
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

0
221 B

50ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13662

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://eb2.3lift.com/xuid?mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
351 B

37ms
37ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
445 B

24ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

43 B
495 B

9ms
9ms

Image
image/gif

18.198.172.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 18.198.172.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-172-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 06:50:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
Date: Mon, 10 Jan 2022 06:50:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ib.adnxs.com/setuid?entity=172&code=NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 06:50:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a8d9f696-a4e4-4b52-b53d-ec0ee3dd91f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 06:50:17 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fc87ea81-bc0d-45f6-99b1-2c61692e2ccd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 57ms
56ms Image
image/gif 99.80.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.81.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-81-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=7514432bd1fb8b507f00aee0fe06c33b

43 B
274 B

33ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=7514432bd1fb8b507f00aee0fe06c33b
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=7514432bd1fb8b507f00aee0fe06c33b
pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 87
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=dRRDK9H7i1B_AK7g_gbDOw
https://d.adroll.com/cm/g/in

42 B
537 B

29ms
29ms

Image
image/gif

99.80.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 99.80.81.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-81-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 06:50:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
66 B 95ms
94ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 10 Jan 2022 06:50:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame EBA9 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&badge=inline&cb=2t604gtff5v0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 10 Jan 2022 06:50:17 GMT

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 336 KB
100 KB 25ms
9ms Script
application/javascript 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: VbMgk_gXghimoZRhj6QFui2WfE6aoopb
Content-Encoding: gzip
Etag: W/"86fbdc8ff56a043dffe520cd42b1e7b9"
Age: 39096
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Dec 2021 19:15:34 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 01:23:41 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ti2Nb6fJOY81LPaXbsWYPKoPR4LrKewn3yKSCVkdwhvbbAI8VdhNHA==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 13ms
13ms Stylesheet
text/css 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Etag: W/"3b96be16936102d8935969d4c53c212f"
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:17 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -g9fkKqz_VCQ7WoOVzF0VDeoTihsNdHpbc8W6mFEAW10ZY6MenWlUg==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411617989444864&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1641797417815&cd[segment_eid]=6SMH2DHXINFNDD52UNEEKG&sw=1600&sh=1200&v=next&r=canary&ec=0&o=29&ttf=3085.599998474121&tts=1865.3999996185303&ttse=2184.599998474121&fbp=fb.1.1641797416911.688582531&it=1641797416598&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 10 Jan 2022 06:50:17 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.156/ Frame B532 44 KB
16 KB 72ms
26ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.156/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 31806b2c47634ce66d4f41f8f0f3e17d.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 920451
x-amz-server-side-encryption: AES256
cf-ray: 6cb3f86618fd83b5-MXP
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 12 Aug 2021 03:52:03 GMT
server: cloudflare
etag: W/"92f1fce5bc1b104818f7bb3259fa0317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCL7vtrTyfISWWp16eIex8WKt71jS4MPVfc4qZjZghMASevXRwdwXb9wrLOCvPvEhGQX8oJnN3qN%2BmqClcZMYltXLwnEF1EDe0BGhY7hunqMYImDijph1O7o8UmyMO0UPqT69nXuXz2eHeUYCUD6Bg7fD3Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: jswq3j2Kf9rTWaLEvxg.3d09mCkFqVly
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MXP64-C3
content-type: application/javascript
x-amz-cf-id: -u_F9WNVUqCVfVJLZNraOcCsOrF_eezfOuVFOKftdwHdl76MMO3XWA==
expires: Tue, 10 Jan 2023 06:50:17 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame B532 20 KB
5 KB 88ms
42ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 ac9a9db2e57fbe7ebe7ee8fc2d557857.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 880691
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUAdgPL2Tcz70ylcNVHip2NMuYG0DdvaJcNj7NFde1M7SlZ%2BeLwaRmWHGKgaZb1KJuBmPb9GdsIZMAYOmce1A0HiRyhojQXBcQynnYoD4UIL%2BNc%2BuPekVOLEUNRZQ15yTvQ%2FNwAS6giDPLb9JsalLU0pYuo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP64-C3
cf-ray: 6cb3f8661bad83a3-MXP
x-amz-cf-id: uINNirkA0FL30w58uYsHF2DdmRZuaJe4XX-aTMD5eyAVrgraKMf0ng==
expires: Tue, 10 Jan 2023 06:50:17 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.185/ Frame B532 292 KB
93 KB 71ms
25ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.185/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad6cdc4f9af3ff11fcf08e8bfa971c2eb8e6323cc62c7d26a9d330fd7598692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 a3ae177abd9d9d46a05bd977097eb865.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1079989
x-amz-server-side-encryption: AES256
cf-ray: 6cb3f86618fe83b5-MXP
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 30 Nov 2021 17:16:22 GMT
server: cloudflare
etag: W/"94246df4c07c3ccbcad3f81c6b58b7e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNDPgrmTyt7v0N80w9NASDfwOOZbjBeCj%2FRN3la%2FZALUbiuJ%2Fw%2BE3GSYC16hN0HrGVq1b1JmoYhImH4WhrFmB864Ha5F6pVLkZ80Fp%2F1DPKVy0Uo9yDizvlMi1g72%2Fi9S%2F2lcCOoXuO1bpksuRdAb3agp%2FQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: .P4bnlb8jfh1ei4Sqi2rwb9f4e2YqR7Z
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MXP64-C3
content-type: application/javascript
x-amz-cf-id: eaoIUBWFYSkHWWRXbvq7vAm7oWVx0vnmaye6zzLtYZaGyiGJAhqj1g==
expires: Tue, 10 Jan 2023 06:50:17 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11994/bundles/ Frame B532 491 KB
144 KB 71ms
26ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11994/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f2d51672bd17197327e7fd1c01b548e5d5019623b7fb14ac7461a870b372e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:17 GMT
via: 1.1 a9eaf6e9a69fa6a7e0ae6b0894db715a.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 215033
x-amz-server-side-encryption: AES256
cf-ray: 6cb3f86618ff83b5-MXP
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 05 Jan 2022 19:34:24 GMT
server: cloudflare
etag: W/"79625616fae80d3efc1a424b564f15a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5mpP0o7BTVCzt8tjubh0sNxJ8ecOlxliiYci5Dnj4%2BNPJON7JX6okaVBpitVMpv4g0C9pHgRie8cWzMJq0OSXXjwQDN9cVUV2TLkwDWZyBcjVyx6%2BSdZ67nJhjM26752JVb%2BywkglwuewKiEBJmG1VXfdU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: iUjH9hMWy7tygUGPZMRq.RebPTwiDVnp
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MXP63-P3
content-type: application/javascript
x-amz-cf-id: Vhc-mq__7vazNguxH8nBvY3qmgBGCh99_ic-6qiwmvqfmAcVmFUe1Q==
expires: Tue, 10 Jan 2023 06:50:17 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 2FD2 7 KB
1 KB 19ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63cb141ca5fdd1ee6b8ba95c870378be2df98f291e22bc078140856a6afb33f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nv28vILa2U3fWh//KIMAJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Jan 2022 06:50:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-nv28vILa2U3fWh//KIMAJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1117
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 B
751 B 618ms
617ms XHR
binary/octet-stream 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes
Via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
Etag: "99914b932bd37a50b983c5e7c90ae93b"
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: GyCCxwmMG-w77v2u4J1H3BUZHBcrGaB31LfYZIekjWOwBeEa8aojgw==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 KB
2 KB 633ms
616ms XHR
binary/octet-stream 2600:9000:20eb:be00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: gdsCJ91e36preZqcIA6RaB5svplwGuhr
Via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Etag: "04a72a37c10f648fb8263045b284cb6c"
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 1697
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Mon, 10 Jan 2022 06:50:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: SXsP2qGElopRPRgCUKG5FHcVTe91NZhuPfe1wMSqMbfXMiPB8xD3YA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame 2FD2 51 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24158
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 04 Jan 2023 17:13:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame 2FD2 352 KB
139 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 18:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142561
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 05:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 18:25:52 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.11962/ Frame B532 776 B
1 KB 32ms
19ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11962/i18n-data-data-locales-en-us.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86427575a0484091067bbe0b287969ef2ad38eb4e82a44abdc08917d544af4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 215033
x-amz-server-side-encryption: AES256
cf-ray: 6cb3f8673c9d4eb5-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 14:49:45 GMT
server: cloudflare
etag: W/"ffbfa66af39c974826952e95a55e9333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vi76TQ9yc5ioRxRQJ9eOVSfCcwUh5PRFiFrWF7zn3207IqidwH7MLeeaRv7IBHyNrSEn00bZJfM0nvHFabgI3Hx5VSDXm%2BDtcFf1xiXdtXP4ET%2BwRClonqlF0f05OVq5VzJuzvbMCJY8F4aqkSmVWqxEOo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rTI0mt7tJy4qAs7qsCuf0.czO6hSeofI
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: X8zG4gXtbkJFS1dYbb_gOQMRuYhE2UuY3d5cjGWs4FWPA4kAeKlA3g==
expires: Tue, 10 Jan 2023 06:50:18 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 2FD2 35 KB
21 KB 60ms
60ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e02ec19708cffa4de2eb4d9e519a39f568f1bc66b9e1854ce73bdc06af972370

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21531
x-xss-protection: 1; mode=block
expires: Mon, 10 Jan 2022 06:50:18 GMT

GET
H2 200 nr-spa-1198.min.js Show response
js-agent.newrelic.com/ Frame B532 38 KB
15 KB 29ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "498f8d87fcfe5e90fda6a3ae4c47c6b0"
x-amz-request-id: 0R71R4S6DR7Q46VZ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14594
x-amz-id-2: jwB4HD1onuM01T+aa9cE0phBQ7JJA6PC23zrI92plfv1mNUuz4btHb5jnz9/c0xF1c4iovoY58c=
x-served-by: cache-hhn4069-HHN
last-modified: Fri, 29 Jan 2021 19:19:10 GMT
server: AmazonS3
x-timer: S1641797418.227819,VS0,VE0
date: Mon, 10 Jan 2022 06:50:18 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 417

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
542 B 149ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=ac02e542-36e9-4c3a-8e34-8e15dfc15f85&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1641797418289&vi=e5904a3f40d6fa7d4fa013c2bd22e59b&nc=true&u=57037109.e5904a3f40d6fa7d4fa013c2bd22e59b.1641797418283.1641797418283.1641797418283.1&b=57037109.1.1641797418283&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c83543a4-08d4-4047-b736-8c1c5ee782cf
cf-ray: 6cb3f8686e760f6e-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuwaKnryaeemSkUZfi5h5jPrp1xW7%2FVhGLRhwpDfHt18Y1xtVUK%2F3f4sijae%2Bjs%2BW8ziJob%2FQ7DqDp3xjrCu2yzBjJ%2FD2UVGzyHWI6DG1llBrGC84YC36xGMKBnOV6dyyEPrUjehwn%2Fuq2%2F4IzS8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
451 B 149ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1641797418290&vi=e5904a3f40d6fa7d4fa013c2bd22e59b&nc=true&u=57037109.e5904a3f40d6fa7d4fa013c2bd22e59b.1641797418283.1641797418283.1641797418283.1&b=57037109.1.1641797418283&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c67a2d02-1381-41e4-a949-d0c6df83050f
cf-ray: 6cb3f8686e780f6e-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyOD4IeePOYW%2F787XtRw%2FrMBytDGDNQDIeAdTzzxsGnRKHzPT6NB6q9vM%2BbJqoD0BO57coPaOCsYvkTziLjZtfzmSNMy5KXtOd9QETYm6SrldQ%2Bg58rCxt3kI3NZKrHVSQVw8sB74Lf0zrNV1EiW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 Fraud_net_final_logo_square_500x500.jpg
cdn2.hubspot.net/hub/2113031/hubfs/lead-flow-images/ Frame B532 2 KB
3 KB 73ms
37ms Image
image/webp 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hub/2113031/hubfs/lead-flow-images/Fraud_net_final_logo_square_500x500.jpg?width=108&height=108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647027d64b0b4d0632aebd3bac36db0bb22f6cda29b493af4f091717157a93ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 10 Jan 2022 06:50:18 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 71363
cf-polished: qual=85, origFmt=jpeg, origSize=4151
edge-cache-tag: F-5547817478,FD-5547817466,P-2113031,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Fraud_net_final_logo_square_500x500.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 2354
x-amz-server-side-encryption: AES256
last-modified: Mon, 20 Dec 2021 01:10:49 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "ab24a82a7e937bfb6f0721c883365861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3qXH%2BLBLLly96aDmqHcUfREMt5Vkp8Lr6IgvOVo5wy4cGUX%2Fmkbd4MA7WFEc3ZR%2BhMPj4533cNiBEtOeZdR5DYaAV4qs4ksOHgpAhtx1vgH8wRxjyW%2BT8KBFjK0vj0tRCIfCNI7kSbc8y6VWkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6cb3f868eeefe8eb-MXP
x-amz-cf-id: aFHzR3huRqPAeMuJEzBl9DFk4vZHY-i35aqwHdVFZz-3Nk8zQYwU7Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame B532 0
1 KB 150ms
138ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11994

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.11994/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 57887fbf-9ef7-4c0e-9d22-a5fe15403cb5
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDtGVuGlnneAwaHeqYvxi95cnRcp2%2Br6wSvdDTUGnGy%2BPBdxUZxP5zM8gXQwBqUU%2FSWxIqLTWaf4TJ3XCvcT1QT3Mx6M53ue%2BQ7l8GOEfpHhvA1Z%2B0m4bzdz%2BHMJIjswqOcgAaMTRTuDMB8pOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6cb3f868bd004339-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/120571/ Frame B532 622 B
1 KB 184ms
179ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/120571/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.11994&conversations-visitor-ui=static-1.11994&traceId=24a15c8a572247388b522f40e329cfe0&sessionId=AMOaWbIyCFXSrxzB8WutoBdBz2KhDzD1OHotsupjqOO-BStGTdDrZegcDYFOE-KwKiSN_-6Z7INcExxHGyu4Ab4u9WwY1SxM9Tu_VMutnqPTtXZHYeB_ImCRV1eJZzyVcEpbcgfCkmFyv4DRIRebu1aBOTMZfz0Nh6TmhGUqIB_Vif5AmE0Q2b4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec07c0b7790a6a718c348b089f2a9a54ef6313d3907831f11edddcee671434bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fb195954-2f17-417d-a90f-b7d2d060d512
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2B9EB1832589731838E0575A3D70402AE9242F466E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FK7jvYikwjRMKR0yIOV3gVnugZTzfjoH7uGl7OEwkta699KI5jENhBiBxq4f68XfE7dHtAaMNnpLK5HoJw8VmEDDsq03AyrX1ZdDS7OCcFdShRo2%2BX1VVzy%2BJSh7igTBcmZLtU2mG%2BjyTNGVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 6cb3f868bd024339-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FD2 600 B
624 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 19:52:10 GMT
x-content-type-options: nosniff
age: 471488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 11 Jan 2022 19:52:10 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FD2 530 B
554 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:44:53 GMT
x-content-type-options: nosniff
age: 435925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Jan 2022 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FD2 665 B
689 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 11:26:47 GMT
x-content-type-options: nosniff
age: 415411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Jan 2022 11:26:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FD2 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 481417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FD2 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 552664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FD2 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 491544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:17:54 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 2FD2 30 KB
30 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq24Cey8kFbJwde7cGiVmoh7H7IWTND8M1ae1sh2J1yccwTitma_yjzEzLnTjv8NMKYSTnZL-vh8pN8jx6h-_s2zM4h8iEcUCjocXL_XXsOZECLrbkf4TIhu_p54q54CJ8pry24iNpbIsmL8m5vso7VF27g-0RKXlLBTaGCBDm5X9j3oAOpharSYTYfiMNswXXvrwZkLoQ8DqeFS-x4lMJOWIhW4RrQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc22853e2ee9c2909e1fb8b1eb432978922c2c3c6f51fa532357cd5a43d60184

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30328
x-xss-protection: 1; mode=block
expires: Mon, 10 Jan 2022 06:50:18 GMT

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 150ms
150ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=e5904a3f40d6fa7d4fa013c2bd22e59b&__hstc=57037109.e5904a3f40d6fa7d4fa013c2bd22e59b.1641797418283.1641797418283.1641797418283.1&__hssc=57037109.1.1641797418283&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe688a0eb173818851e7922019d4b22ce654dd27d303de5e4e872c4c08de931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7ecabff9-657c-499b-8e52-9bbc7385a1c2
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJCjnma9U7%2BQRRwmUQAiD6LGjzbzYaI3tL%2B52cdFqVxNtst%2BGQg9eSPpHRiv79F4iJo0DGaXqSBmE7OAs4mCZp6DNjOr%2B%2BXF1ZsAnZv%2Fx5MMg4IW6%2FrBLdxI8R9sPD5UsQWKVIY6mNZlIFNoq8Qq"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6cb3f86939a759ad-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H2 200 ML43PNVWLZH6BAVX2UYHRM
d.adroll.com/pex/HVT2SOYWOBESJB535C7MUS/ 42 B
124 B 31ms
31ms Ping
image/gif 99.80.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pex/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=74e3b0e77b3dcfd54bfeed848eacb765-1641797417368&arrfrr=https%3A%2F%2Ffraud.net%2F&ev=xidctx&es=%7BSrk-kLH-k-SHS%7D&esv=&pv=82154171122.43019
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.81.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-81-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 06:50:18 GMT
server: nginx/1.20.0
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK f9d051f404 Show response
bam.nr-data.net/1/ Frame B532 57 B
322 B 415ms
103ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=952&ck=1&ref=https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0&be=519&fe=689&dc=591&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1641797417514,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:24,%22ce%22:47,%22rq%22:47,%22rp%22:217,%22rpe%22:220,%22dl%22:253,%22di%22:591,%22ds%22:591,%22de%22:591,%22dc%22:688,%22l%22:688,%22le%22:689%7D,%22navigation%22:%7B%7D%7D&fp=919&fcp=919&ja=%7B%22nrSnippetVersion%22:%221198%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/97.0.4692.71%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22deviceMemory%22:8,%22cpuCores%22:4,%22downloadSpeedMbps%22:9.9,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:2113031,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.11994%22,%22template%22:%22html/visitor-index.html.jade%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.6876%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 285ms
284ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 10 Jan 2022 06:50:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H/1.1 200
OK f9d051f404 Show response
bam.nr-data.net/events/1/ Frame B532 24 B
182 B 101ms
101ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=1373&ck=1&ref=https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/24a15c8a572247388b522f40e329cfe0?uuid=19be3e1fdbdc40dbaf6f52a50c2881c1&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=24a15c8a572247388b522f40e329cfe0&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://app.hubspot.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:22:29	Name: _GRECAPTCHA Value: 09ABBMTcMkvceCP3w6AO59AByydLxzWh-4H5mHPaESI0AIsNEauMmCARPSPkbz-1QutaiBvT9xRbfK6IyZoRgttkU
fraud.net/	1970-01-20 08:48:53	Name: uncode_privacy[consent_types] Value: %5B%5D
.fraud.net/	1970-01-20 02:12:53	Name: _gcl_au Value: 1.1.181002606.1641797416
.bing.com/	1970-01-20 09:24:53	Name: MUID Value: 1FD0E000915961C001F8F128908B60ED
.fraud.net/	1970-01-20 17:34:29	Name: _ga Value: GA1.2.1061495219.1641797417
.fraud.net/	1970-01-20 00:04:43	Name: _gid Value: GA1.2.2008241038.1641797417
.ws.zoominfo.com/	1970-01-20 08:48:53	Name: visitorId Value: c2c519ca89a5268b2ffff01056d25715c570e7171ebe1ff355a0973ba744b7be
.linkedin.com/	1970-01-20 00:46:29	Name: UserMatchHistory Value: AQKlxwesjEZTqgAAAX5CwHcgjqD7OOgX9KKiEbbaUX3ZZqePm9AWPbcCceTm_vzZ7J8GxWOIyd-peQ
.linkedin.com/	1970-01-20 00:46:29	Name: AnalyticsSyncHistory Value: AQKUbLox6GmURAAAAX5CwHcgUJOJvTvMdhvGEzg8VBnVDuuXcLk4sarnFPxcKtuTA_zm8LNf_UjvEZA8lJSCHA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:35:11	Name: bcookie Value: "v=2&dcc2c328-9084-4c65-8b0b-d22f939205dd"
.linkedin.com/	1970-01-20 00:04:43	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2277:u=1:x=1:i=1641797416:t=1641883816:v=2:sig=AQF3lRbDuV3CkKotikz0lBe2rcVAMNd-"
.fraud.net/	1970-01-20 00:04:43	Name: _uetsid Value: 91c179e071e111ec8e9f9569c86b7308
.fraud.net/	1970-01-20 09:24:53	Name: _uetvid Value: 91c195d071e111ecb6fcc1eed51aa0ce
fraud.net/	1970-01-20 00:03:19	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-20 17:34:29	Name: _sp_id.c750 Value: 11227823-9f17-45ab-adb9-25bd11a809d9.1641797417.1.1641797417.1641797417.0757620f-c05b-4d79-b8c8-a70378b784e4
.fraud.net/	1970-01-20 02:12:53	Name: _fbp Value: fb.1.1641797416911.688582531
.facebook.com/	1970-01-20 02:12:53	Name: fr Value: 0SOMapbSBsKfHBD3B..Bh29co...1.0.Bh29co.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:35:11	Name: bscookie Value: "v=1&202201100650166969c2d9-2032-4650-8276-cfa3b2f6b66bAQFNL9gRWexjW3piBCIuad3aceChz6eq"
.linkedin.com/	1970-01-20 17:29:32	Name: li_gc Value: MTswOzE2NDE3OTc0MTY7MjswMjEcRtnw/knI8F1KDXohuNlw+V4lHw7J2O5jfyo8lSojTA==
.fraud.net/	1970-01-20 00:03:17	Name: _gat_UA-35675858-1 Value: 1
.vimeo.com/	1970-01-20 17:34:29	Name: vuid Value: pl226423239.421519544
.fraud.net/	1970-01-20 08:48:53	Name: _hjSessionUser_2001329 Value: eyJpZCI6IjVjZTkxNTg3LTYwYzYtNTQyMC1hZjY3LTdlMjBkZDUzNzNiNSIsImNyZWF0ZWQiOjE2NDE3OTc0MTY5MzEsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-20 00:03:19	Name: _hjFirstSeen Value: 1
.fraud.net/	1970-01-20 00:03:19	Name: _hjSession_2001329 Value: eyJpZCI6IjNkYzZlZGUwLTQwZDgtNDJhMi04NmUyLTE1ZTQxOGUzYjg2MiIsImNyZWF0ZWQiOjE2NDE3OTc0MTczNDV9
fraud.net/	1970-01-20 00:03:17	Name: _hjIncludedInPageviewSample Value: 1
.fraud.net/	1970-01-20 00:03:19	Name: _hjAbsoluteSessionInProgress Value: 0
fraud.net/	1970-01-20 00:03:17	Name: _hjIncludedInSessionSample Value: 0
.fraud.net/	1970-01-20 08:49:15	Name: __adroll_fpc Value: 74e3b0e77b3dcfd54bfeed848eacb765-1641797417368
.c.bing.com/	1970-01-20 09:24:53	Name: SRM_B Value: 1FD0E000915961C001F8F128908B60ED
fraud.net/	1970-01-20 00:03:21	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 00:04:43	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 00:47:55	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-20 08:48:53	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-20 08:48:53	Name: _gauges_unique Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:24:53	Name: MUID Value: 1FD0E000915961C001F8F128908B60ED
.c.clarity.ms/	1970-01-20 00:03:18	Name: ANONCHK Value: 0
.fraud.net/	1970-01-20 08:48:53	Name: sp Value: bd11867d-2aad-43d4-8b3a-b71ffb2831af
.fraud.net/	1970-01-20 08:48:53	Name: _clck Value: 11m6tk2\|1\|ey0\|0
.fraud.net/	1970-01-20 08:48:53	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20220109%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20220109%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20220109%3A1
.advertising.com/	1970-01-20 08:50:19	Name: APID Value: UP9241360a-71e1-11ec-8ff8-0275b999303a
.hubspot.com/	1970-01-20 00:03:19	Name: __cf_bm Value: XyfQUYMw0Gxp6aN7A_Cl7toYaZ95XsnBch9W6f2m52o-1641797417-0-AeOJ4F+3bgjfcmn32Dg1vc7GwiwfBTTh88toYJgKtteBWyttAi0bup6ZHVx5r7plhDmZDORT5Lg6K1oYahinTdM=
.pubmatic.com/	1970-01-20 02:12:53	Name: KRTBCOOKIE_10 Value: 22808-NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I&KRTB&22883-NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
.pubmatic.com/	1970-01-20 00:46:29	Name: PugT Value: 1641797417
.pubmatic.com/	1970-01-20 02:12:53	Name: PUBMDCID Value: 3
.yahoo.com/	1970-01-20 08:49:15	Name: A3 Value: d=AQABBCnX22ECEJfzOx3U1I2ALXVspyST7rAFEgEBAQEo3WHlYQAAAAAA_eMAAA&S=AQAAAvqPceU_p39A3BShVAzI3us
.3lift.com/	1970-01-20 02:12:53	Name: tluid Value: 916472562389506194
.bidswitch.net/	1970-01-20 08:48:53	Name: tuuid Value: dc9692a4-5854-4c03-8d1c-55bbc69cd12f
.bidswitch.net/	1970-01-20 08:48:53	Name: c Value: 1641797417
.bidswitch.net/	1970-01-20 08:48:53	Name: tuuid_lu Value: 1641797417
.doubleclick.net/	1970-01-20 09:24:53	Name: IDE Value: AHWqTUniTJt2a0ekFgIwF55Yyu9GVAXV0wsRmtV2QS-MTd6UXsX0lWfJRv0O-2XrnYU
.adnxs.com/	1970-01-20 02:12:53	Name: uuid2 Value: 5068868406179452062
.taboola.com/	1970-01-20 08:48:53	Name: t_gid Value: e27d02e6-2923-47d1-ae28-1e24aa30ccde-tuct8d55ca9
.adnxs.com/	1970-01-20 02:12:53	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?fhJugR!]tbPl@/@8$-^=$UfY:%FWI)SD%T_8A46%q@5VJFZpP>j=!8DY?fxe5FV-UuF]vOUHoDQlZslKys/edbpRzqF1`b_K#-@C0C
.casalemedia.com/	1970-01-20 08:48:53	Name: CMID Value: YdvXKRX0N12u1LeWQuPRdwAA
.casalemedia.com/	1970-01-20 02:12:53	Name: CMPS Value: 3234
d.adroll.com/	1970-01-20 09:32:05	Name: __adroll Value: 7514432bd1fb8b507f00aee0fe06c33b-g_1641797417-a_1641797417
.adroll.com/	1970-01-20 09:32:05	Name: __adroll_shared Value: 7514432bd1fb8b507f00aee0fe06c33b-g_1641797417-a_1641797417
.fraud.net/	1970-01-20 00:04:43	Name: _clsk Value: 1juk7ca\|1641797417899\|1\|1\|f.clarity.ms/collect
.casalemedia.com/	1970-01-20 02:12:53	Name: CMPRO Value: 1131
.casalemedia.com/	1970-01-20 00:04:43	Name: CMST Value: YdvXKWHb1ykA
.casalemedia.com/	1970-01-20 08:48:53	Name: CMRUM3 Value: 6961dbd7292760NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
.outbrain.com/	1970-01-20 02:12:53	Name: obuid Value: 62677939-7a11-46c6-ba16-94700e77cef3
.outbrain.com/	1970-01-20 00:46:29	Name: adrl Value: NzUxNDQzMmJkMWZiOGI1MDdmMDBhZWUwZmUwNmMzM2I
m.stripe.com/	1970-01-20 17:34:29	Name: m Value: 6ad5c1b3-925d-46b9-bfb0-cd0094aecf914ae1a0
.fraud.net/	1970-01-20 08:48:53	Name: __stripe_mid Value: 9d44a06c-dbc9-4164-99a2-a882088441fefab817
.fraud.net/	1970-01-20 00:03:19	Name: __stripe_sid Value: ef9cc27f-730a-495d-aa37-9ed738aff9ed8533bf
.fraud.net/	1970-01-20 09:24:53	Name: __hstc Value: 57037109.e5904a3f40d6fa7d4fa013c2bd22e59b.1641797418283.1641797418283.1641797418283.1
.fraud.net/	1970-01-20 09:24:53	Name: hubspotutk Value: e5904a3f40d6fa7d4fa013c2bd22e59b
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 00:03:19	Name: __hssc Value: 57037109.1.1641797418283
.fraud.net/	1970-01-20 09:24:53	Name: messagesUtk Value: 24a15c8a572247388b522f40e329cfe0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c2336eca4c18fd6b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 344) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11b557cb-155c-0033-f06a-24a191181ec8.z1.dca0.com
149360532.v2.pressablecdn.com
ads.yahoo.com
api.hubspot.com
app.hubspot.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn2.hubspot.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
f.clarity.ms
f.vimeocdn.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
fraud.net
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
ib.adnxs.com
in.hotjar.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
media.fraud.net
perf.hsforms.com
pixel.advertising.com
pixel.rubiconproject.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
s.adroll.com
s.dca0.com
script.hotjar.com
secure.gaug.es
simage2.pubmatic.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
sync.outbrain.com
sync.taboola.com
track.hubspot.com
us-u.openx.net
vars.hotjar.com
vimeo.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
108.174.10.14
13.224.193.121
13.224.193.127
13.224.193.91
13.225.80.119
13.225.80.89
141.226.228.48
142.250.185.226
142.250.186.66
151.101.0.176
151.101.114.109
151.101.128.217
151.101.2.137
151.101.64.217
162.247.242.20
18.157.252.145
18.198.172.5
185.33.221.13
185.64.190.80
192.0.77.39
199.16.172.83
2.18.234.21
20.84.22.197
2600:9000:20eb:aa00:19:7d10:bd80:93a1
2600:9000:20eb:be00:6:9280:1080:93a1
2606:4700::6810:5805
2606:4700::6810:a852
2606:4700::6811:46b0
2606:4700::6811:7d2
2606:4700::6811:82ab
2606:4700::6811:ba49
2606:4700::6811:d5cc
2606:4700::6811:eacc
2606:4700::6811:edcc
2606:4700::6811:f4cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a02:26f0:6c00::210:ba18
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.120.202.204
34.211.243.235
34.98.64.218
44.240.107.9
52.142.114.2
52.17.53.90
52.70.137.221
54.172.53.5
54.187.159.182
64.202.112.31
69.173.144.139
76.223.111.18
99.80.81.12
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
042743ebddf738d0ff8c888fbdc7412f96323661d5a5c0d9784c445601f9863f
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f
0990ab76e0b0b56703fddd6a5ff8d7a0fd346cc39daa893b7690751bf449fb81
0acdd6c6111be4bb190ac9745cc3a4ecc1bcf1d2f5996c364ff295295e319226
0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d91e64b56363e060206c692f026f1bbca8a92ac351033b8085d6292f1627e21
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c
1a4651c562bac53f6d33b1d8093551a818571a6b595304ba4813bc7b5d503783
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1b9772b16e0768da02295daf252e53b482c9c054dfddf57037e4d683c8c136e6
1c2a6b17b7269caec4d6d7243cb0c1eaca335d4e50c01611955f6b7df5b6946e
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1fc8f7ecbe0e498fcad93065be830a33fc09dd1d28f96cee6e77c6d3647f1601
203328f6942da243b123abfc41902926c35cf46924598e8d8541461162334131
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
2111b138a2eb8e110c396e6b154d289891f1f6d978ab5315a4807ad4e9a45adc
21c7dc1c2db40284c640890ee1fbe06389610827e8d5fc5a90be00199485cba6
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c
28ee393ecddd1316769c14c464beecb0dec1450bbf93ee0ac7aca95a259b04de
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
294c081f8e7d951821883538a40755fda7f328b0eeedd2633ce3511f8690cb28
2aa1a9367c26524b108fea96ec61c982bc0948904192959e26e8871479046551
2c7b80158a47189a1ac736799d5bc0b93a6bc23b56bc793eaa48043a100698d3
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
2fe655c898388b97cdfed98b7fb9dfc89e2235224189821fdf747cbdb4b150db
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
33d5e69839694f93e8b2837ccc78240af393ea4f5060e1597daf67e2b8567ed3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
43a1613a216990a619a6c8969185aec5a3774f87fbd1492d7a3c73a4002712ab
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
4ad6cdc4f9af3ff11fcf08e8bfa971c2eb8e6323cc62c7d26a9d330fd7598692
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b633d904db4f65f682d956f679c7df93f034e6d06d654cf1fd733bd15fb1c1e
4ba6dbe51aa50e86bff89758bbb0ecb484c2235751b930fbb38ed2bffbc1f24f
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1e38de7c0dba99b8bdc8d2f018a01de1eb11f76ee09f29ca860e472d845592
4e781090bce70f22acc68b9d10929c504c0c56b4440b8fc185956941c9b4eafe
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
50f30f17edf34c786da5768216ee9290c0a77ac00fcff05a11f79ab514bef17e
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
580c9a8aca41bf9933253374d42859fa356c75e12381dbe75cfabe1e9b6941d2
59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b02717518ca02258b2e6f6420745033c2ce3202694783fc08861a37b43d4e8e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4976fe73a786bf224661d57dae28bea5e373d6c2fc8135bdcf51c28f16498b
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
63cb141ca5fdd1ee6b8ba95c870378be2df98f291e22bc078140856a6afb33f2
6430c91bc6bd0be0fcd4c34882f762b4267625d738b0ad19c77ae5a20d368b3e
647027d64b0b4d0632aebd3bac36db0bb22f6cda29b493af4f091717157a93ca
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
712c8dce4daa05238ba7b09298254148fe8c2e29228766bf995026b4b43b3651
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
7484caa5b2b7861e7425f4ee65a91b814b1fa699c56cbfd0d787e2622631cf11
75303914ac67157fa5b828cae7b782b84da5734f33fde9fdb163613c368f89a3
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
78db323b8f312a012fdf5334e519215a80f6fce268f6402cf24c71deeacecc11
78f2d51672bd17197327e7fd1c01b548e5d5019623b7fb14ac7461a870b372e1
7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8
7da0b6a7d383ffe63de53bea69cc7a1239ae8f4c2c9e43431eedcca5cd585074
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
7f7abd8586836be0bc4589b65f90c593b3585d3f4c81c8b573fcd37fbc3d0a58
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
81d1eeb980b09409744568d2ed3ca7ff1ee763d6aeb9dc6c66bc845dd3d3bb96
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8409097810be7150a9e804cfc8e430a219a60d28afc5ae443ec992c320540d79
8545132e3cb981a9964c4773891ee0e1b9c9eee72ca40f462f560350659e0f47
86427575a0484091067bbe0b287969ef2ad38eb4e82a44abdc08917d544af4a1
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8d102cf18d379c071517dead5a8965835fb77b16016c28022363c9832e4b71bd
8e1b75b9eee6808698b9f632964effaffd1b3fd6d6cff0cedf5f8f45bd9bbb0e
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
9127552b155071e4a28d3006c9ddf212df99dac2a1042ad9a226c28002d8d4de
9376a04b152f80647751262ccecde76737c5b493ab478cbd5b05e3735770a137
93e7d369cf4bf71c225abafa2d0654fecd5e89c8fe0c187fc0ef903b0c3af222
961c5ca2275ba5b14cc932fcdcd7936c29a42da99f25a09f626cf511d8f58193
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9ab240edb0085d34e4690568134340865bea04f2a9a84fa6ec952ef1ed83205d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
a5ef3ae7cd5711ecc0d6ef6f218e5f48239431e0d2053fa6b096a111cef2264e
ac5363389926619cf4ade2dda6f1fad90d76496d009d51ba499ae929d7e0e50a
ad30c1cf8e54f447b72596dc7cec0147c0b6311e641821ee547a14af3e66d28b
adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
afe688a0eb173818851e7922019d4b22ce654dd27d303de5e4e872c4c08de931
b0b68a40558e4971870d6940bf862495d8f91ab85bf4ca6f4980843ee9576d38
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b572ec51d977e38e78d948a9b1a499d8bcb83f4136367521cf300fce6792f336
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
b8f5e4bb4a9f2e6924a3092c4f7e40524b22c31575a38dbbbed2b25b56f6d68f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb3e171bc5d8ff22e18f447e7574678daec73cc1a0e04940a055580295bc9ba0
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdd9517fdb9df0b1631029d96536adb3a35cbdef273de0e877411c47af444f90
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
bf0ba161b0a2ce0c596d6c8a0a2aa4266ee53609f9eb4aa14837faaef0927940
bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813
c071beeceabb4754bb3115c3079457ba43d83d4137ed1097b282544e90866845
c2e761ea811732b6541a82b3fb15bb5c977a7f16037cae812cc356dd634c2a0d
c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441
c84cc10b06050e18543d073c0b24fb8cbd32fb4d663e7a0983430f81b4d65296
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c93bdee62de8340babd9a01dfdfe0e88172993b7f5dcd247f1d796f214226cb8
cb39bcc4746538b77cf5c6bae6378d52a1d81b240a9c39472439733871c04106
cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c
cc22853e2ee9c2909e1fb8b1eb432978922c2c3c6f51fa532357cd5a43d60184
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
d00d4b4807a747b899bb0285ba0de2861d84d91cf0083302f5a61ed22b040630
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d33e109a17c6e6a247120f83770a57802f39f7805cddf6c0cd43ceec7947a21a
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d78cfa26ca35c024abf3d952072abeb210d76b2616c23c0892db3f92459911ac
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
d859f7e02c2cc2d708a00728582934623d9af3c79b06e6441e1360244134eedb
d869d1f8a92019c18d9844d7b102c1710caf1776ccb360b2e1ab71a2554a1a35
da9d386dd83051678ba4c5268c783452f5ee3ff99c0eb7fe0e5036419bf33a4e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc5643794fd698330f5773e0a07119b91e1b493f688e865b0f8b82eb69efcb59
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e02ec19708cffa4de2eb4d9e519a39f568f1bc66b9e1854ce73bdc06af972370
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e155502c2591053a9bebb7d642781a48c66c1193d32f3b6814c7fb7b6a28c590
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e5bf6606879f5989c3741d12fb53dde2ce79eb61b90013b8f9b80f32b3e6242c
e5c7b4ae3317862b3a5428b50ef2b1db2ac54c9eafc9aa7757f1b51c5e302bc5
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e81f9d6c3f99d1c13a914817101b1d502d3ab8d2f0a8366dda70ed2c25c6d8f6
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ea2f014468a380dc5df1c1d3d7cf09a9202ac27b502b2e4c35d3c8b92a0d5dfe
ec07c0b7790a6a718c348b089f2a9a54ef6313d3907831f11edddcee671434bb
ec1775536ad468cd80edb990378e706070487a5e5f417e41e9f2d81c2909556a
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
eeccbabdea759985739ac88f0612fd1c85428e431b13fd9d2d7a8f96ee128a40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11407450582f04c771643bb680467814bc6ac5cb0627ae3f9b5de0d8c5fa835
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5b3f1b9deff0b138c2506741a71c40f93ac85a02d45f017eac6fb92b3ff5b50
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fc09f7bc556c6c39c27d4e416e2ef674150fb7e4387b2f8edd4885794f1c29ef
fd3b63d368fb079d73b139c458df9f915996bcab6489b9a071a18d74928acc22
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

fraud.net Open in urlscan Pro 199.16.172.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

232 Requests

93 %HTTPS

43 %IPv6

48 Domains

70 Subdomains

62 IPs

5 Countries

5556 kBTransfer

12358 kBSize

75 Cookies

4 Outgoing links

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

93 %
HTTPS

43 %
IPv6

48
Domains

70
Subdomains

62
IPs

5
Countries

5556 kB
Transfer

12358 kB
Size

75
Cookies

232 HTTP transactions
4 data transactions