fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://archiescloud.com/
Effective URL:
https://fraud.net/
Submission: On March 05 via manual (March 5th 2024, 1:10:35 am UTC) from CA — Scanned from CA

Summary HTTP 227 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 66 IPs in 6 countries across 52 domains to perform 227 HTTP transactions. The main IP is 199.16.173.27, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 159789.
TLS certificate: Issued by R3 on February 4th 2024. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
15	199.16.173.27 199.16.173.27	2635 (AUTOMATTIC) (AUTOMATTIC)
3	37.19.207.34 37.19.207.34	60068 (CDN77 _) (CDN77 _)
60	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
2	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
3	172.253.62.97 172.253.62.97	15169 (GOOGLE) (GOOGLE)
3	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.137.206 104.16.137.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
3	104.18.176.125 104.18.176.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.40.207.227 23.40.207.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.162.3.96 3.162.3.96	16509 (AMAZON-02) (AMAZON-02)
1 11	3.162.3.108 3.162.3.108	16509 (AMAZON-02) (AMAZON-02)
1	104.16.191.89 104.16.191.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.65.129 18.67.65.129	16509 (AMAZON-02) (AMAZON-02)
2	163.70.128.23 163.70.128.23	32934 (FACEBOOK) (FACEBOOK)
1	104.16.136.15 104.16.136.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.59.128.196 148.59.128.196	33561 (LUNAVI-WY) (LUNAVI-WY)
1	172.64.144.225 172.64.144.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.195.24 13.225.195.24	16509 (AMAZON-02) (AMAZON-02)
5	134.122.57.141 134.122.57.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
4	146.75.30.109 146.75.30.109	54113 (FASTLY) (FASTLY)
2	54.209.50.46 54.209.50.46	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.192.217 151.101.192.217	54113 (FASTLY) (FASTLY)
10	172.253.122.147 172.253.122.147	15169 (GOOGLE) (GOOGLE)
5	188.166.193.169 188.166.193.169	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1	172.253.122.101 172.253.122.101	15169 (GOOGLE) (GOOGLE)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
3	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
1	104.16.76.186 104.16.76.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.124.12 104.18.124.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.89.154 104.17.89.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.34.229 104.18.34.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.162.3.66 3.162.3.66	16509 (AMAZON-02) (AMAZON-02)
1	104.18.192.125 104.18.192.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13 15	3.216.203.117 3.216.203.117	14618 (AMAZON-AES) (AMAZON-AES)
12	52.37.152.76 52.37.152.76	16509 (AMAZON-02) (AMAZON-02)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.195.69 13.225.195.69	16509 (AMAZON-02) (AMAZON-02)
1	104.18.160.125 104.18.160.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.70.128.35 163.70.128.35	32934 (FACEBOOK) (FACEBOOK)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.248.194.21 104.248.194.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	134.122.60.49 134.122.60.49	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	44.231.247.170 44.231.247.170	16509 (AMAZON-02) (AMAZON-02)
4	23.44.203.89 23.44.203.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.179.7 15.197.179.7	16509 (AMAZON-02) (AMAZON-02)
2	104.19.154.83 104.19.154.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
227	66

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

archiescloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.16.173.27 (United States)

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net

onsite.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-account.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.137.206 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.176.125 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.207.227 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-227.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-96.yul62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.162.3.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-108.yul62.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.191.89 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-129.iad89.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.70.128.23 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-cdg4.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.136.15 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.59.128.196 (Canada)

ASN33561 (LUNAVI-WY, US)

track.cbdatatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.225 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-24.yul62.r.cloudfront.net

s.opensend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 134.122.57.141 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

app.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.leadconnect.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
testpage.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.30.109 (Ashburn, United States)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.50.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-50-46.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.122.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.166.193.169 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f101.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.16.94 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.76.186 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.124.12 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.89.154 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.229 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-66.yul62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.192.125 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.216.203.117 (Ashburn, United States) 13 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-203-117.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.37.152.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-152-76.us-west-2.compute.amazonaws.com

os.aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-69.yul62.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.160.125 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.70.128.35 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-cdg4.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.87 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.194.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.icallback.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.122.60.49 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.events.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.231.247.170 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-247-170.us-west-2.compute.amazonaws.com

alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.44.203.89 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-89.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.179.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	pressablecdn.com 149360532.v2.pressablecdn.com	2 MB
26	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 3362 d.adroll.com — Cisco Umbrella Rank: 1480	153 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	789 KB
16	fraud.net fraud.net — Cisco Umbrella Rank: 159789 media.fraud.net — Cisco Umbrella Rank: 182672 device.fraud.net Failed	73 KB
13	aggle.net os.aggle.net — Cisco Umbrella Rank: 68911 aggle.net — Cisco Umbrella Rank: 11457	5 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 148	107 KB
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3556 i.vimeocdn.com — Cisco Umbrella Rank: 3394 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3474	327 KB
9	optimonk.com onsite.optimonk.com — Cisco Umbrella Rank: 39076 front.optimonk.com — Cisco Umbrella Rank: 25413 cdn-account.optimonk.com — Cisco Umbrella Rank: 39328 gs-cdn.optimonk.com — Cisco Umbrella Rank: 31599 jfapiprod.optimonk.com — Cisco Umbrella Rank: 28065	110 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 629	2 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4543 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4466 track.hubspot.com — Cisco Umbrella Rank: 2406 forms.hubspot.com — Cisco Umbrella Rank: 5395	29 KB
5	convolo.ai app.convolo.ai api.icallback.convolo.ai api.events.convolo.ai testpage.convolo.ai	53 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4386 forms-na1.hsforms.com — Cisco Umbrella Rank: 7028 perf-na1.hsforms.com — Cisco Umbrella Rank: 4886	6 KB
4	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 4410	12 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	3 KB
3	leadconnect.cc app.leadconnect.cc	431 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 9781	669 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	14 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1999 vimeo.com — Cisco Umbrella Rank: 1929	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	259 KB
2	alocdn.com 1 redirects alocdn.com — Cisco Umbrella Rank: 6771	700 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 426	742 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 428	559 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 546	515 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 483	830 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 383	1 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4679 forms.hscollectedforms.net — Cisco Umbrella Rank: 4787	26 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 26603	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	60 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 781	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3340	703 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1340	365 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 928	539 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 873	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	977 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 817	568 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2643	233 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2237	23 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5142	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2220	21 KB
1	opensend.com s.opensend.com — Cisco Umbrella Rank: 82980	4 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8327	1 KB
1	cbdatatracker.com track.cbdatatracker.com — Cisco Umbrella Rank: 142007	180 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4571	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2484	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6775	154 KB
1	archiescloud.com 1 redirects archiescloud.com	276 B
227	52

	Domain	Requested by
60	149360532.v2.pressablecdn.com	fraud.net 149360532.v2.pressablecdn.com
15	d.adroll.com	13 redirects s.adroll.com fraud.net
15	fraud.net	fraud.net 149360532.v2.pressablecdn.com
12	os.aggle.net	s.opensend.com
11	www.gstatic.com	f.vimeocdn.com www.google.com www.gstatic.com
11	s.adroll.com	1 redirects www.googletagmanager.com fraud.net s.adroll.com d.adroll.com
10	www.google.com	js.hsforms.net fraud.net www.gstatic.com www.google.com
6	fonts.gstatic.com	fonts.googleapis.com fraud.net
5	front.optimonk.com	fraud.net front.optimonk.com
4	pxdrop.lijit.com	fraud.net pxdrop.lijit.com
4	px.ads.linkedin.com	2 redirects fraud.net snap.licdn.com
4	i.vimeocdn.com	player.vimeo.com fraud.net f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
3	app.leadconnect.cc	app.convolo.ai fraud.net
3	www.google.ca	fraud.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	forms.hsforms.com	js.hsforms.net fraud.net
3	www.googletagmanager.com	fraud.net www.googletagmanager.com
2	track.hubspot.com
2	alocdn.com	1 redirects fraud.net
2	api.events.convolo.ai	app.leadconnect.cc
2	ib.adnxs.com	1 redirects fraud.net
2	eb2.3lift.com	1 redirects fraud.net
2	ups.analytics.yahoo.com	1 redirects fraud.net
2	us-u.openx.net	1 redirects fraud.net
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	secure.gaug.es	fraud.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	fraud.net connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	player.vimeo.com	fraud.net
2	fonts.googleapis.com	fraud.net app.leadconnect.cc
1	forms.hubspot.com	js.hsleadflows.net
1	aggle.net	fraud.net
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	s.w.org	fraud.net
1	testpage.convolo.ai	fraud.net
1	api.icallback.convolo.ai	app.leadconnect.cc
1	sync.taboola.com	fraud.net
1	image2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	pippio.com	fraud.net
1	cm.g.doubleclick.net	1 redirects
1	www.facebook.com	fraud.net
1	perf-na1.hsforms.com	fraud.net
1	vc.hotjar.io	script.hotjar.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	vimeo.com	f.vimeocdn.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	www.linkedin.com	1 redirects
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	gs-cdn.optimonk.com	fraud.net
1	forms-na1.hsforms.com	fraud.net
1	script.hotjar.com	static.hotjar.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn-account.optimonk.com	fraud.net
1	app.convolo.ai	fraud.net
1	s.opensend.com	fraud.net
1	tracking.g2crowd.com	fraud.net
1	track.cbdatatracker.com	fraud.net
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	js.hsforms.net	fraud.net
1	onsite.optimonk.com	fraud.net
1	archiescloud.com	1 redirects
0	device.fraud.net Failed	media.fraud.net
227	78

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
releasenotes.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com
convolo.ai

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
onsite.optimonk.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
player.vimeo.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.fraud.net Amazon RSA 2048 M02	`2023-10-11` - `2024-11-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
zoominfo.com E1	`2024-02-20` - `2024-05-20`	3 months	crt.sh
track.cbdatatracker.com RapidSSL TLS RSA CA G1	`2023-04-05` - `2024-04-04`	a year	crt.sh
opensend.com Amazon RSA 2048 M01	`2023-09-29` - `2024-10-27`	a year	crt.sh
api.leads.convolo.ai R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2024-03-03` - `2025-04-03`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G4	`2023-06-12` - `2024-07-13`	a year	crt.sh
cdn-account.optimonk.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
gs-cdn.optimonk.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2024-02-25` - `2024-05-25`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-06`	a year	crt.sh
aggle.net Amazon RSA 2048 M01	`2023-07-30` - `2024-08-27`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
docker.leadcm.com R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
api.events.convolo.ai R3	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
cert2-prod.aut.a24365.net R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2024-01-09` - `2024-04-08`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://fraud.net/
Frame ID: 8E3CDC63BB0D54DBAE2397C8EE23505C
Requests: 191 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: 5F624C4E3FA2817FAF7EE0E299120460
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&badge=inline&cb=w00xducdvla0
Frame ID: 88A95808B43CD27A0DBE0EC85CDA62A2
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 69B623F84B2B7436DD061D82D0D16DEE
Requests: 12 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1298.699&cid=c026&cls=append
Frame ID: F2E6B6EC52509004E3D474A1C275D655
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/1.1298.699/a/CA/t_.js?cid=c026&cls=append
Frame ID: 8D29D6CB2E02866AA2772597C6F2B8D5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AI Fraud Detection for Enterprises | Fraud.net

Page URL History Show full URLs

http://archiescloud.com/ HTTP 301
https://fraud.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

227
Requests

92 %
HTTPS

0 %
IPv6

52
Domains

78
Subdomains

66
IPs

6
Countries

5261 kB
Transfer

12746 kB
Size

85
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://releasenotes.fraud.net/
Title: Product Release Notes

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

URL: https://convolo.ai/leads?utm_medium=link&utm_campaign=&utm_source=original%20viral
Title: powered by

Search URL Search Domain Scan URL

URL: https://convolo.ai/leads?utm_medium=link&utm_campaign=fraud.net&utm_source=original%20viral
Title: powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://archiescloud.com/ HTTP 301
https://fraud.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 144

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1709601026556%26li_adsId%3D91633759-5b1a-4c43-bf01-4555e17511be%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true

Request Chain 155

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=984 HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 166

https://d.adroll.com/cm/b/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

Request Chain 167

https://d.adroll.com/cm/g/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=V6a6c166cP0dv17w1N4IBw HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 168

https://d.adroll.com/cm/index/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026&C=1

Request Chain 169

https://d.adroll.com/cm/l/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=57a6ba735eba70fd1dbf5ef0d4de0807 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDcQABoNCIbima8GEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ca1f5ddc5f5547457f0582d3dca14f4252200403994bacf55dc59acb2f8cdf8d791426b5417dce21&_=2

Request Chain 170

https://d.adroll.com/cm/n/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expires=365

Request Chain 171

https://d.adroll.com/cm/o/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent=

Request Chain 172

https://d.adroll.com/cm/outbrain/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 173

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 174

https://d.adroll.com/cm/r/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 175

https://d.adroll.com/cm/taboola/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

Request Chain 176

https://d.adroll.com/cm/triplelift/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 177

https://d.adroll.com/cm/x/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

Request Chain 199

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json HTTP 302
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

227 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fraud.net/
Redirect Chain

http://archiescloud.com/
https://fraud.net/

154 KB
26 KB

1225ms
1182ms

Document
text/html

199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2d11d1670725ef460f0c38c42d6bd2b88ecd4d505bbb4a335f74b002bd1eefd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: origin
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 01:10:25 GMT
host-header: Pressable
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.yyz _atomic_dca BYPASS
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 52
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Mar 2024 01:10:23 GMT
Location: https://fraud.net
Server: ip-10-123-123-250.ec2.internal
X-Request-Id: 983ee3b7-697b-4df2-b00b-0312ad04aff2

GET
H2 200 script.js Show response
onsite.optimonk.com/ 173 KB
55 KB 365ms
289ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://onsite.optimonk.com/script.js?account=177110

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

b4c75349aec71c33e98eedabf73a5b54d8071b1a0eca3d0cf8309a33a8c1b405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 925
x-dns-prefetch-control: off
cdn-cachedat: 03/05/2024 01:10:25
cdn-pullzone: 950289
x-xss-protection: 1; mode=block
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2b291-gFaIQMh2yc5eO6rD5G4q3ralRoE"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: EXPIRED
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=180
cdn-requestid: 7501cedd3414abfba5937b8b4e729d02
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/ 110 KB
15 KB 59ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=17.8.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

480a56bf31ba28d6c22331660770cfda42f682b64767dbc48235f863de01a8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 28 Feb 2024 19:49:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/gutenberg/build/block-library/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.css
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/ 19 KB
3 KB 58ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 encyclopedia.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 1 KB
822 B 58ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css?ver=6.4.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 9 KB
2 KB 57ms
17ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css?ver=6.4.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 83 KB
3 KB 127ms
50ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

449a607424de8313b9432f4c9cd1a4c88c68f06d169ce0019540f5886d20d6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 01:10:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 01:10:25 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/ 6 KB
2 KB 58ms
19ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/style.css?ver=7.9.5

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:30:53 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/newsletter/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 889 KB
104 KB 58ms
19ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4de50d0f0563103a9a51080cd303fa3c61b059189411435bf36a884bcc7ddd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 uncode-icons.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 60 KB
13 KB 58ms
19ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1054650aaad2b126aa97e4b6f2a4caf3d996a87707100dfbe77819b65f0f005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/uncode-icons.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 style-custom2.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 320 KB
29 KB 104ms
66ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style-custom2.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9801c8c01f4b6f9a836df270946d8eeffe8f2d0db88013654b38d4a1c6ab6fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style-custom2.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
94 KB 159ms
77ms Script
application/javascript 172.253.62.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ceec890d5bd5186e78bad7f451885f1603fc4d64d793554d26889a60aad73ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96080
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 01:10:25 GMT

GET
BLOB 200
OK 24a84d16-3f81-4120-80ac-0d44818a8605
https://fraud.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.net/24a84d16-3f81-4120-80ac-0d44818a8605
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 main.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 16 KB
5 KB 34ms
20ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.css?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 86 KB
31 KB 82ms
67ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 13 KB
5 KB 80ms
67ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
2 KB 49ms
48ms Script
application/javascript 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
x-ac: 2.yyz _atomic_dca BYPASS
etag: W/"65de0ff9-e27"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 118 KB
26 KB 79ms
67ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 55ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
3 KB 55ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 29ms
24ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 17ms
17ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 29ms
24ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 35ms
31ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 18ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 afterpay_logo-transp-uai-258x51.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/ 5 KB
5 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Apr 2022 21:46:10 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png>; rel="canonical"
content-length: 5149
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 96ms
51ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 04 Mar 2024 20:29:42 GMT
Date: Tue, 05 Mar 2024 01:10:25 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish
Age: 643
X-Cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11228
X-Served-By: cache-yyz4542-YYZ
x-player-backend: g
Server: cloudflare
X-Timer: S1709601025.409985,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-bapp-server
Accept-Ranges: bytes
CF-RAY: 85f639e89ef6542b-YYZ
X-Cache-Hits: 288

GET
H3 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 36ms
31ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 36ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 37ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 38ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 38ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 38ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 38ms
35ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 40ms
36ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 40ms
37ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 40ms
37ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 40ms
37ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
778 B 41ms
38ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 41ms
38ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 41ms
38ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 44ms
41ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 44ms
41ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 45ms
43ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 46ms
43ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 48ms
46ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 481 KB
154 KB 126ms
67ms Script
application/javascript 104.16.137.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
age: 339
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4774/bundles/project-v2.js&cfRay=85f631a4ccdb398d-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"9485dc4b1fa9efefba4862f8a0581794"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4774/bundles/project-v2.js
date: Tue, 05 Mar 2024 01:10:25 GMT
x-amz-version-id: 9d7EqS.wP16C3hZhn1hsKrzc1cSTV7NB
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: f5d84917-0f5f-4008-a68b-db46c3f27122
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: f5d84917-0f5f-4008-a68b-db46c3f27122
last-modified: Thu, 29 Feb 2024 15:14:22 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9KO6oAzI8QuCfYb74GgQT5sDvMytJhmpVh8v1GMtAtmETVOADLQ1sHUv1dwl%2Bil1V5QnIdRRygysv6Gh1lehuVMzzi%2Bd9Xnj288ViVuXXvELBrc9iOtlbJaT%2BNNT6rL"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-zx9hx
cf-ray: 85f639e8efd93a00-YYZ
x-amz-cf-id: aG7tJkwSR3W-anO4u7PAUAw2ADK5yqkHHuTPuUUa4_W3GWlIuEUv8w==

GET
H3 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 20ms
19ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:28:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
1 KB 21ms
18ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
11 KB 22ms
17ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 16 Jun 2023 06:19:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 2 KB
1 KB 23ms
18ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 777 KB
210 KB 24ms
19ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

aec9f4f7455da97df0df620ef3773a19089cd36b9af30fc0fc90f79eb8e7f869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 270 KB
59 KB 25ms
20ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

15c15643141bd4c8fb383b7e2c4d8406a7bdf5d31d2e648126c0f6d5a9a85f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H3 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
903 B 29ms
24ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 107ms
35ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 07:45:04 GMT
x-content-type-options: nosniff
age: 62721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 07:45:04 GMT

GET
H3 200 uncode-icons.woff2
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 145 KB
146 KB 57ms
18ms Font
application/font-woff2 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6972b66b95853b03c2bc72665973cc84fc1228c191d43e911ed6aa8e43331b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff2>; rel="canonical"
content-length: 148848
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
686 B 851ms
848ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c08008fb0ee7a04923cca99b60b2421a77dd409ac8942ed02731107c594f6da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 28ms
26ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
902 B 745ms
744ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bcd0c5706a71257dc4726833b8dbccf0bade6d725fa058700e3c3e9415c0cd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
676 B 864ms
864ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daee12829489482aa26dec2daf699ffbbf1635fa4c5341348b28582ed0330e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H/1.1 200
OK 235637953 Show response
player.vimeo.com/video/ Frame 5F62 19 KB
9 KB 238ms
238ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712e285c3d25c47a89f84c5c692ae865dca2669b508d86c7ce4f23f53d8ef23c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85f639e9685f542b-YYZ
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 01:10:25 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-yyz4526-YYZ
X-Timer: S1709601026.538474,VS0,VE165
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-75d6d875c7-b8swq
x-content-type-options: nosniff
x-host: player-backend-75d6d875c7-b8swq
x-player-backend: g
x-xss-protection: 1; mode=block

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
806 B 794ms
794ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9ff28263116736c7c7ef73a0fa1420c7add46fe9ff53748a2db0a1f5c8a998b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
677 B 797ms
797ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f35c2e92888e9c429528a68873eef50cbc4115ecb5cb8376663a71e8c5768ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 18ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
682 B 806ms
806ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

38201f49004c4d534c20a9e60afdb583fafdea5ac7daa8cd7bc57f4078f25b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
702 B 815ms
814ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c7cafdd33dddd9b590db1197febe5659f7ca3ff90d968cb30e010245f4ffa4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
675 B 751ms
751ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e99c15ba681a7f4008c5c2457c9f376265dd0fb80327141c905dbd83f9ae62d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
676 B 717ms
716ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

de23120c819f0b91203a2ac065e465ae21b0c926d5b93ce7f6709fcc064ebea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

POST
H3 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
934 B 683ms
682ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3c2acc19291068a85aa17a541593a525cb4133a2d593770885793757368f8533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 2.yyz _atomic_dca BYPASS
host-header: Pressable
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 45ms
45ms XHR
text/html 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
strict-transport-security: max-age=31536000
x-ac: 2.yyz _atomic_dca BYPASS
server: nginx
etag: "62cd98f7-490"
content-type: text/html
alt-svc: h3=":443"; ma=86400
content-length: 1168

GET
H3 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
15 KB 20ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ 5 KB
3 KB 124ms
82ms XHR
application/json 104.18.176.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hs_static_app=forms-embed&hs_static_app_version=1.4774&X-HubSpot-Static-App-Info=forms-embed-1.4774

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.176.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aab53c8ee27291e41a23076e60add62a812f1b077e0207df006cb90bbfa71dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Tue, 05 Mar 2024 01:10:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 0ca91950-d953-46be-9faa-8ca69b875964
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 9
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0ca91950-d953-46be-9faa-8ca69b875964
Server: cloudflare
X-Trace: 2BF01681FC6D077231D6905251CEEEBAA92A5D12FD000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://fraud.net
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 85f639eaacfea1f2-YYZ
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-whsvb

POST
H3 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 46ms
45ms XHR
text/html 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
strict-transport-security: max-age=31536000
x-ac: 2.yyz _atomic_dca BYPASS
server: nginx
etag: "62cd98f7-490"
content-type: text/html
alt-svc: h3=":443"; ma=86400
content-length: 1168

GET
H3 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 17ms
17ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:25 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
alt-svc: h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 70ms
70ms Script
application/javascript 172.253.62.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f1562cbb77b3b31a5db8ea5ea2b352a84c90c18dad4cd6d467aa95dc668f6f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 01:10:25 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 86ms
86ms Script
application/javascript 172.253.62.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-998743206&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7e76ff512d5f00b42635a11ba8f0d158ba01fe3a8ce5eed40fef81a26ee613e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76178
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 01:10:25 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
856 B 149ms
47ms Script
application/javascript 23.40.207.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.207.227 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-207-227.deploy.static.akamaitechnologies.com

Software

Resource Hash

26ab1e1eeca5b1289daa3d87aaf2e04534286ddb4f159bf83fb0c63f87ab1964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 18:59:30 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=64222
accept-ranges: bytes
content-length: 646

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 153ms
47ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 05 Mar 2024 01:10:24 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCDC3908E620493E8C31E1FEC05D4167 Ref B: YTO01EDGE0714 Ref C: 2024-03-05T01:10:25Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 11 KB
5 KB 209ms
115ms Script
application/javascript 3.162.3.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-96.yul62.r.cloudfront.net

Software

Resource Hash

63d372bb317e16f8be6641cd69b889103df8c8987205d12c5f758fd2b1a4d69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/aacef5e4385f1ef76fa90feb767b48bc
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: w9KeANrh3ohP0XjhCdC_G_5fLz_QBY7J1m-zY1MAI0NM7Ytln6wKkg==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 80 KB
25 KB 118ms
31ms Script
text/javascript 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af151592386fa0fbeb1de70e7cfad51720dc99626d92070cc40ba74fdbc1e85a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: CLfV4shnsLPv_YA1kCPcePB0KwsnXK4r
Content-Encoding: gzip
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Date: Tue, 05 Mar 2024 01:08:46 GMT
Age: 102
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 22 Feb 2024 18:36:18 GMT
Server: AmazonS3
Etag: W/"8383a35d69d96ee7d6073ad727028386"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vBNbP_i5I5O2k5JoDfc4yL1nZaJSJBKc7xT3HCFuL3c8XqV7OzuwKQ==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
1 KB 150ms
107ms Script
application/javascript 104.16.191.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2113031.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.191.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae9b4d12d3c7a3144e8f19449c075892563dedf78bcde3cd99a3ba712a9258f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 13c29417-0262-4582-9a9f-4ad24235a5e5
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 13c29417-0262-4582-9a9f-4ad24235a5e5
last-modified: Tue, 05 Mar 2024 00:20:08 GMT
server: cloudflare
x-trace: 2BBBFBB55E30E5E4C8A018694DC6EBA20BF5FCF250000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-qf2zj
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 85f639ead833a1ed-YYZ
expires: Tue, 05 Mar 2024 01:11:55 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 120ms
41ms Script
application/javascript 18.67.65.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-129.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:06:49 GMT
content-encoding: gzip
via: 1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
age: 217
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, no-transform, public
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: OlQ6pXTSxCnAAiGQWJv4DmxZ5md9zE5XNUhCC9orgOzxoOoFiHouiw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 320ms
105ms Script
application/x-javascript 163.70.128.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.70.128.23 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-cdg4.fbcdn.net

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 01:10:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: U+V3X4sj64R/AOfi0f3EvGT1iWgcCSwOBADCJTZHxtbqAbD7P18LXgpH+BBoyUHg4EP0uzXUTmg6WtFywtC9HA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 4 KB
2 KB 342ms
297ms Script
text/javascript 104.16.136.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d2010928cee8b22d12511c1f686781454cdf9eb5e8d2860f1110420d8f23526a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 85f639eadc6f38e3-YYZ

GET
H2 200 Home Show response
track.cbdatatracker.com/ 2 B
180 B 213ms
95ms Script
text/html 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/Home?v=3&id=%27c2035064-646d-4517-860a-a8c2a7c110ea%27
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:23 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
cache-control: private
alt-svc: h3=":443";
content-length: 2

GET
H2 200 2749.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 102ms
59ms Script
text/javascript 172.64.144.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/2749.js?p=https://fraud.net/&e=

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.225 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: cef9d1ac-215a-4d36-9c1f-8ec4b172d7ef
x-runtime: 0.003342
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 85f639eafe4ba240-YYZ

GET
H2 200 os.min.js Show response
s.opensend.com/ 9 KB
4 KB 82ms
25ms Script
application/javascript 13.225.195.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.opensend.com/os.min.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-24.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c90fa12377dca0cca457f2e3cf34e10ab941944605e67237ea5584a7d66a34c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 11:46:21 GMT
content-encoding: gzip
via: 1.1 7953c31b7650812341d5a358487e2bbc.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 19:20:42 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 56339
x-amz-server-side-encryption: AES256
etag: W/"6b7a3bb12fb4e0826329dee1f7df2909"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: SsKKwisPDo0rZIpWiyIdIcBCIVdOdIOT3S2R024FrvSDpWww6UBy7Q==

GET
H2 200 icallback.js Show response
app.convolo.ai/js/ 40 KB
10 KB 636ms
398ms Script
text/javascript 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convolo.ai/js/icallback.js?v=0.29445792169613894&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: c864ba3177bceaf4e8dc920603894239744114723f7640a01e1ef7fbbc0d26af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: Express
etag: W/"a0dd-EHY3BgxUCpBsGXINWV+87TIfgkQ"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
19ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 00:07:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3796
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 02:07:09 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame 5F62 570 KB
137 KB 114ms
37ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e061ae2e26263c053a592e12c426bf56c7c7c9a855d1a4c60ec72a512cd37374

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000080-IAD
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
via: 1.1 varnish
age: 29705
x-timer: S1709601026.877513,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 140459
x-cache-hits: 18

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame 5F62 417 KB
100 KB 113ms
37ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64e1b0c75d8227ddab7862c64b7c48d18e3e9729432ada838d16abab849ca81c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000080-IAD
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
via: 1.1 varnish
age: 29705
x-timer: S1709601026.877557,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 102176
x-cache-hits: 7539

GET
H2 200 player.css
f.vimeocdn.com/p/4.28.12/css/ Frame 5F62 209 KB
22 KB 136ms
49ms Stylesheet
text/css 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae61eee52a74b081700b0d5e04f90dc0472f834b50da52075259a9c152545674

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000112-IAD
date: Tue, 05 Mar 2024 01:10:25 GMT
content-encoding: br
via: 1.1 varnish
age: 29705
x-timer: S1709601026.901000,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22094
x-cache-hits: 7793

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 147ms
36ms Script
application/javascript 54.209.50.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.50.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-50-46.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:26 GMT
Last-Modified: Tue, 30 Jan 2024 08:52:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "65b8b8c5-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H3 200 wp-emoji-release.min.js Show response
fraud.net/wp-includes/js/ 18 KB
5 KB 49ms
48ms Script
application/javascript 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 2.yyz _atomic_dca BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
734 B 97ms
74ms Image
image/gif 104.18.176.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a73bd532-4c0c-4aea-a6fe-37825afffffa
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a73bd532-4c0c-4aea-a6fe-37825afffffa
server: cloudflare
x-trace: 2B789979E29E35E9DC783EBA86AAD2393362121940000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-4s88s
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 85f639eca9f5a1f9-YYZ

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 5F62 2 KB
2 KB 56ms
18ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a7e18cd7d6f43fe4c0d4ee7bbdcc9d8d8b944b5d7b488bb1d0943ded77203b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 461905
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1753
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210056-DFW, cache-yyz4563-YYZ
x-timer: S1709601026.046620,VS0,VE1
etag: "bdaa01b961c57c1b5cda5f7abee5bd49"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2036, 1

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 124ms
51ms Script
text/javascript 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_bade1e1c_d3bd_49ea_b9d0_3e9dbfc3e21c&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

74e27f27b84e9ec7b127a76e11748435fdbb7827f80d42fd8e76dd49e7d00815

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 01:10:26 GMT

GET
H2 200 scraper-info-for-sppo Show response
front.optimonk.com/public/177110/embedded/ 2 B
332 B 383ms
129ms XHR
application/json 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/embedded/scraper-info-for-sppo?url=https%3A%2F%2Ffraud.net%2F

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: nginx
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 accountInfo.json Show response
cdn-account.optimonk.com/177110/ 221 B
976 B 108ms
32ms XHR
application/json 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-account.optimonk.com/177110/accountInfo.json

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

840cd5bf0aab9a5f4e41d3c63763b742d7b5c0c7d45dac9f7d6d9198698e320a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 925
x-dns-prefetch-control: off
cdn-cachedat: 03/03/2024 06:11:25
cdn-pullzone: 951434
x-xss-protection: 1; mode=block
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
x-bunnycdn-countrycode: CA
etag: W/"dd-OMaEX+8AOA/UOoKykJREnJ5BNas"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: X-BunnyCDN-CountryCode
cache-control: public, max-age=30
cdn-requestpullcode: 200
cdn-requestid: 3fd17f0884ab4c98c002390a39a64282
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 3 KB
2 KB 126ms
54ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1709601026106&cv=11&fst=1709601026106&bg=ffffff&guid=ON&async=1&gtm=45be42t1z879957660za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&pscdl=noapi&auid=60198894.1709601026&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-998743206&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

c2f458baa5e4e762a8c527be2385cac2a95152ec8931b09e985df7ad6e575088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
241 B 119ms
44ms Ping
text/plain 172.253.122.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GPKLFPPQY0&gtm=45je42t1v9102467835z879957660za200&_p=1709601025192&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1137313730.1709601026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709601026&sct=1&seg=0&dl=https%3A%2F%2Ffraud.net%2F&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2278
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 118ms
43ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GPKLFPPQY0&cid=1137313730.1709601026&gtm=45je42t1v9102467835z879957660za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 167ms
93ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GPKLFPPQY0&cid=1137313730.1709601026&gtm=45je42t1v9102467835z879957660za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=963407308

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 47ms
46ms Script
application/javascript 23.40.207.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.207.227 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-207-227.deploy.static.akamaitechnologies.com

Software

Resource Hash

2017e4b8e2b04c8305a4ad71ad1c4cb40ebe8414d779f9ed27c1b0cad0446e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 18:59:30 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=64171
accept-ranges: bytes
content-length: 17199

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1709601000000/ 66 KB
21 KB 202ms
139ms Script
text/javascript 104.16.76.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1709601000000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.76.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ba75a73777c96a97a6ebf973bd2b6182d76997333824b7fa27a4dcef19aafa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9QDCH1881GVE88TN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: bb0fb924-7dff-475d-81b7-7f0b03b26bc6
x-envoy-upstream-service-time: 56
x-amz-id-2: AuCFPGNBQtuTAGHAjM9zgu2pIdxLnuFno0ZZpNoYptqjx7z6f2Lh1U22x9Hgl6jk05NpvszAseSuwPEQMvf37w==
x-evy-trace-listener: listener_https
x-request-id: bb0fb924-7dff-475d-81b7-7f0b03b26bc6
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 27 Feb 2024 15:24:41 GMT
server: cloudflare
etag: W/"b72d120e1441e0636d99856cd268dff5"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-hgmm2
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 85f639edee8f5419-YYZ
expires: Tue, 05 Mar 2024 01:15:26 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 84 KB
25 KB 101ms
58ms Script
application/javascript 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.932/bundles/project.js&cfRay=85f639edcbe154d9-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"35c4e3d2f89657082d5372c7bc6e79d3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.932/bundles/project.js
date: Tue, 05 Mar 2024 01:10:26 GMT
x-amz-version-id: cAhbXPz2og2F4B.zBTxw9oB4G3dvep2P
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: a7595faf-82a4-4afe-9ae6-cf364f0fe178
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: a7595faf-82a4-4afe-9ae6-cf364f0fe178
last-modified: Wed, 28 Feb 2024 14:13:53 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRze2MJMWzNuXK0DVUCDezCRZLyTZZEgyhv31OJ%2BW9mijsqGZBFUvK4pKg0s0KJAEJa3GcNUSQBEt9UyoXXJ%2FjZ4g0iDtihOhnMiJG5hDb33eL%2BKoVEv%2FxMtOrlvyZZ5"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-58mtb
cf-ray: 85f639edcbe154d9-YYZ
x-amz-cf-id: Q0DkM_VG4KIPUnjmYELnF527jwB-suEQjff7MI09CicDaqrnqfxKFA==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 115ms
71ms Script
application/javascript 104.18.124.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js&cfRay=85f639edcc4036b2-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2a6dc24f5ac6c8a7eefaadde95ff2129"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js
date: Tue, 05 Mar 2024 01:10:26 GMT
x-amz-version-id: ukHk26vS_rf4a6X6Ik2.9R2qKIwOxT4G
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 210d1a67-75b2-40c6-8995-2bf1dbd73838
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-request-id: 210d1a67-75b2-40c6-8995-2bf1dbd73838
last-modified: Tue, 06 Feb 2024 10:46:39 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-j55l9
cf-ray: 85f639edcc4036b2-YYZ
x-amz-cf-id: jmdmSckEEXzGpzqjCrt_DRmNElZeWmrO1NK-1ogT6aA8jM4IUxkDfw==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 106ms
64ms Script
application/javascript 104.17.89.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.89.154 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-amz-version-id: VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d7f7a317-9b52-4bf1-96dd-75ad81efbff3
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=85f639edca7b7119-YYZ
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d7f7a317-9b52-4bf1-96dd-75ad81efbff3
last-modified: Wed, 21 Feb 2024 09:36:07 UTC
server: cloudflare
etag: W/"0892458d49ed5681928e6be69131caa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-zx9hx
cf-ray: 85f639edca7b7119-YYZ
x-amz-cf-id: BdDXPQ0LoaL1YKy-M28e7nMMDYEYzv0nN__b6QXUSzA_0NOx-bgfTg==
x-hs-target-asset: collected-forms-embed-js/static-1.468/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2113031/ 70 KB
23 KB 104ms
61ms Script
text/javascript 104.18.34.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2113031/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a99604e8fb985f9e7effbbc9a8e4ef9bc8e14a0b5fa711631a14ec6a48ebf7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-amz-version-id: YsToGtTfT9XQgWBJ2nKyOnIh_nFaA3P5
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: CYSREJ255W892TDS
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 64c6f1ee-9412-44ae-a20c-a05173663215
x-envoy-upstream-service-time: 29
x-amz-id-2: twpe0/GHZlHn4mkILsXVKg1rS9VF/LOsJ83WJ9ou7TDRwucl7+/UydF6aC1UtOUWcKM3x977rTA=
x-evy-trace-listener: listener_https
x-request-id: 64c6f1ee-9412-44ae-a20c-a05173663215
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 04 Mar 2024 21:16:46 GMT
server: cloudflare
etag: W/"d9a08271ac7737fa16abb1501306ef4d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 85f639ee1ed3a210-YYZ
expires: Tue, 05 Mar 2024 01:15:26 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

25ms
25ms

Script
application/javascript

3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 04 Mar 2024 19:11:45 GMT
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Age: 21525
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Bi59x3jB0kntszr-vU8Eb4j_uuVNqwgTvQ03BBnglde-NSaBDRkaNA==

Redirect headers

Date: Mon, 04 Mar 2024 19:13:37 GMT
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Age: 21409
X-Amz-Cf-Pop: YUL62-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EPIjsWkQIqIuJ9TCYzM4pOgUkF280Wr_Ndg9n7QirIXTBt2PrED6lA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
808 B 48ms
43ms Script
text/javascript 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: fXNmE67UaRYKno9OPgXc56wNkETx.LPf
Date: Tue, 05 Mar 2024 01:06:00 GMT
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Age: 267
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 02 Mar 2024 12:17:48 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wItPZ3i5Uvvm-6jbcIdOjyJsv6xk9LczHOy1XqC0G5b6dtkjZNHsMA==

OPTIONS tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0

POST tp2
device.fraud.net/com.snowplowanalytics.snowplow/ 0
0

GET
H2 200 modules.84f80a92c39bbd76564a.js Show response
script.hotjar.com/ 221 KB
55 KB 347ms
37ms Script
application/javascript 3.162.3.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.84f80a92c39bbd76564a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-66.yul62.r.cloudfront.net

Software

Resource Hash

8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 12:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 306019
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55719
last-modified: Fri, 01 Mar 2024 12:09:47 GMT
etag: "fd429e33536e4a29658cbbc9d61c6168"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DYCiePLqh3TFQA3Hr_Cg-_ey11Q3LX_xhXtdRRd5q_zL2g52GzFf-g==

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1015 B 3139ms
61ms Image
image/gif 104.18.192.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.192.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: ef309041-45d1-4e55-9ff0-a3b28ff27263
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ef309041-45d1-4e55-9ff0-a3b28ff27263
Server: cloudflare
X-Trace: 2B5D2657E5150D683F20CDC713B4C355F0495D7B8E000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-r4fkb
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 85f63a01785b3702-YYZ

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 43ms
42ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1606046068&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=712188238&gjid=527781589&cid=1137313730.1709601026&tid=UA-35675858-1&_gid=1481774051.1709601026&_r=1&_slc=1&gtm=45He42t1n81WVZ4N9Xv79957660za220&gcd=13l3l3l3l1&dma=0&z=537974504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4000327.js Show response
bat.bing.com/p/action/ 0
117 B 47ms
47ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4000327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 05 Mar 2024 01:10:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 316C733657D743FFAD4930003D5F73BB Ref B: YTO01EDGE0714 Ref C: 2024-03-05T01:10:26Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 59ms
59ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=17a83548-bc6b-4df6-83e1-1a64621653b5&sid=264351a0da8d11ee87b58d7420c21aad&vid=26436ec0da8d11ee82a36fa2350fb603&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&p=https%3A%2F%2Ffraud.net%2F&r=&lt=2132&evt=pageLoad&sv=1&rn=736160

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Mar 2024 01:10:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 605CDE5B5C0F490EA0C227E8FB53ACF3 Ref B: YTO01EDGE0714 Ref C: 2024-03-05T01:10:26Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 after-pre-init Show response
front.optimonk.com/public/177110/embedded/ 152 B
507 B 227ms
134ms XHR
text/html 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/embedded/after-pre-init

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 90 KB
31 KB 1376ms
33ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
content-encoding: br
cdn-edgestorageid: 925
x-guploader-uploadid: ABPtcPr-FHPG3IU2tlP4rOH4zRIcz28kJJNCKXeiEaxHniSaYHwTC7R6l4sQxhBS3t3mdsCB9WaAtSw-1eJrd_urgnZd4fiRoGCQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 10/31/2023 18:54:04
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 09 Oct 2023 19:28:11 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"863d7f9742fbb3e78601d44762fa0077"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1696879691149932
content-type: application/javascript
cdn-cache: HIT
x-goog-hash: crc32c=O/S94Q==, md5=hj1/l0L7s+eGAdRHYvoAdw==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 91837
cdn-requestid: c10467002a98590ba79f3a1ec90cd17c
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preload.js Show response
front.optimonk.com/public/177110/js/ 5 KB
2 KB 383ms
139ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/preload.js?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4f783b7af4b0e80fca38a57b25d2d364cfda53838b97815e500f39860d748584

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"14fd-WR5OMwvcGW70QHaV0ilgebuERCA"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 5F62 2 KB
1 KB 38ms
37ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000112-IAD
date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 831716
x-timer: S1709601026.316869,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 54401

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5F62 4 KB
2 KB 1904ms
1579ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 01:10:28 GMT

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 5F62 31 KB
32 KB 18ms
18ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e6d5cb873a1f0ff9658cd5b61e067f2d488773a3ecae800d479722fef7200726

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 891973
x-viewmaster-lossless-format: automatic
x-cache: HIT, HIT
content-length: 32097
x-served-by: cache-dfw-kdfw8210166-DFW, cache-yyz4563-YYZ
x-timer: S1709601026.343555,VS0,VE2
etag: "dc2ffa64887c2847d3bbfa011c20ebf6"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 41, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 5F62 0
142 B 1114ms
53ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=533a62332cd87be728e48f45dac69523d91cd0381709601025
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 05 Mar 2024 01:10:27 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 19ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 494 B
1 KB 112ms
36ms Script
application/javascript 3.216.203.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&_s=121cac69f2cdfed712ec0eb0c086476c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-117.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e30866264b10deeab90af739d9431f7900b8483e6d20ae91b17db5d195f995b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 494
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 41ms
41ms Image
image/gif 54.209.50.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1709601026496

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.50.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-50-46.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Mar 2024 01:10:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 01:10:26 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 492 KB
196 KB 110ms
35ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_bade1e1c_d3bd_49ea_b9d0_3e9dbfc3e21c&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 14:28:45 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 43ms
42ms XHR
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35675858-1&cid=1137313730.1709601026&jid=712188238&gjid=527781589&_gid=1481774051.1709601026&_u=YADAAAAAAAAAAC~&z=328124493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Mar 2024 01:10:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 218ms
218ms Script
application/x-javascript 163.70.128.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.148&r=stable&domain=fraud.net&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.70.128.23 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-cdg4.fbcdn.net

Software

Resource Hash

04d3faf7fcc2467132db8f3a709237b27410d2cd7c5c200c2fb0f973013abdc4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 01:10:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 6cJXvYzZped4VakjzdJQV55WvAcx8M2jjWceV+wOH3D+RV7Uc7B7e6NlamiZgqxDCKOA7Lr5UPkNd7ObrqWqhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
265 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

GET
H3 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 17ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

GET
H3 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 18ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

GET
H3 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 31ms
30ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 2.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

GET
H3 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
192 KB 32ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:26 GMT
x-ac: 1.yyz _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 12 Mar 2024 01:10:26 GMT

POST
H2 200 ossync Show response
os.aggle.net/ 2 KB
2 KB 293ms
114ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ossync
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 7f1c808ada1dfba89cee8e564f6e0c317d5641568e53639123c1fcdcbc7ae76a

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 05 Mar 2024 01:10:27 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 2208
vary: Origin
content-type: application/json

OPTIONS
H2 200 ossync
os.aggle.net/ Frame 0
0 526ms
90ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ossync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:27 GMT
server: gunicorn
vary: Origin

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1709601026556%26li_adsId%3D91633759-5b1a-4c43-bf01-4555e17511be%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true

0
385 B

77ms
77ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DEE61762D51541A0984960E44D1CE4CB Ref B: YTO01EDGE0411 Ref C: 2024-03-05T01:10:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYS34HulWWxDlde+K/+Mw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 01:10:26 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYS34HtAh1OuY27/+Fagg==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1FF0B7634BFF47739F56A89DE8B5485B Ref B: YTO01EDGE0411 Ref C: 2024-03-05T01:10:27Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1709601026556&li_adsId=91633759-5b1a-4c43-bf01-4555e17511be&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 5F62 31 KB
31 KB 17ms
17ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e6d5cb873a1f0ff9658cd5b61e067f2d488773a3ecae800d479722fef7200726

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 891973
x-viewmaster-lossless-format: automatic
x-cache: HIT, HIT
content-length: 32097
x-served-by: cache-dfw-kdfw8210166-DFW, cache-yyz4563-YYZ
x-timer: S1709601027.580563,VS0,VE0
etag: "dc2ffa64887c2847d3bbfa011c20ebf6"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 41, 2

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 5F62 2 KB
2 KB 17ms
17ms Image
image/avif 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a7e18cd7d6f43fe4c0d4ee7bbdcc9d8d8b944b5d7b488bb1d0943ded77203b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 461906
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1753
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210056-DFW, cache-yyz4563-YYZ
x-timer: S1709601027.602761,VS0,VE0
etag: "bdaa01b961c57c1b5cda5f7abee5bd49"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2036, 2

GET
H2 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
327 B 49ms
47ms Image
image/gif 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1709601026106&cv=11&fst=1709600400000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z879957660za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq90hRzBv3iqjgaVV20QBQ_OmMix1y9Q&random=1533146942&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/998743206/ 42 B
154 B 51ms
48ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/998743206/?random=1709601026106&cv=11&fst=1709600400000&bg=ffffff&guid=ON&async=1&gtm=45be42t1z879957660za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq90hRzBv3iqjgaVV20QBQ_OmMix1y9Q&random=1533146942&rmt_tld=1&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 97ms
95ms Image
image/gif 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35675858-1&cid=1137313730.1709601026&jid=712188238&_u=YADAAAAAAAAAAC~&z=2020579560

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 96ms
94ms Image
image/gif 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35675858-1&cid=1137313730.1709601026&jid=712188238&_u=YADAAAAAAAAAAC~&z=2020579560

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 75ms
69ms Fetch
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2113031&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6c1672ee-26d6-43ce-9434-009e81e5b054
content-encoding: br
x-envoy-upstream-service-time: 14
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6c1672ee-26d6-43ce-9434-009e81e5b054
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU%2FkwhxzMYe5YHew6KLAxZ%2FVICES35nHAgNue5OgS5iRct9U2owyD7kFLi2Q2s7WZITym%2FkjHOhH%2B1U5ptoPxW6TV3z24STmrj2I8VVqGXx0SuPDHdku6sIVTrCfqofTyeQLYLZH99Zqfqlyi8I%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85f639f0685254d9-YYZ
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-5xsfj

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 5F62 0
916 B 131ms
88ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=533a62332cd87be728e48f45dac69523d91cd0381709601025

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 04 Mar 2024 13:10:26 GMT
Date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000169-IAD, cache-yyz4563-YYZ
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1709601027.734035,VS0,VE50
x-backend-proxy: webproxy5
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-8665bccdcf-cxzzk
Accept-Ranges: bytes
CF-RAY: 85f639f0faafa246-YYZ
X-Cache-Hits: 0, 0

GET
H2 200 icallback.573f0d8f8fedb2d7b3fb.js Show response
app.leadconnect.cc/ 543 KB
117 KB 219ms
203ms Script
application/javascript 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadconnect.cc/icallback.573f0d8f8fedb2d7b3fb.js
Requested by: Host: app.convolo.ai
URL: https://app.convolo.ai/js/icallback.js?v=0.29445792169613894&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0938fcdcbd45788d0cf88429067c7b505bb93ae3b2d44b5968914d53c8cc09ab

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: gzip
last-modified: Mon, 05 Feb 2024 11:32:19 GMT
server: nginx/1.18.0
etag: W/"65c0c743-87bbc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
429 B 63ms
57ms XHR
application/json 104.17.89.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.89.154 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: db2eda03-cc42-427d-a287-804789ae26d5
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: db2eda03-cc42-427d-a287-804789ae26d5
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-q6tzb
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 85f639f10fba7119-YYZ

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adr...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

4 KB
2 KB

70ms
70ms

Script
text/javascript

3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad5ed5ee34c091c5aa7c83bb8d34af4b0bd6fbcd3ae65e03b136df93cab689c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: FixSM3OjxjW5ORM_x8D1OZcjHmIBvcmG
Content-Encoding: gzip
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Date: Tue, 05 Mar 2024 01:06:01 GMT
Age: 266
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 21 Dec 2023 12:36:11 GMT
Server: AmazonS3
Etag: W/"d785dd43a46120b3df712a44f7f11724"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zzoNKrkFRthwk_Pkrdd5bUDomb8YeHPy_V_ovK5mQ7z1pKjvUKb8pw==

Redirect headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-segment-display-name: FN Homepage
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *fraud.net/*
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
x-conversion-currency

GET
H2 204 2001329 Show response
vc.hotjar.io/sessions/ 0
233 B 186ms
93ms XHR
text/plain 13.225.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2001329?s=0.25&r=0.03297647979363183
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.84f80a92c39bbd76564a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-69.yul62.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-cf-id: bAknJQ4PUc1XJD4WEhKGfvRugytNKRZqaOua7IjgWDlP4N3S3m9pGQ==
x-cache: Miss from cloudfront

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 88A9 46 KB
28 KB 66ms
65ms Document
text/html 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&badge=inline&cb=w00xducdvla0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

0fddf53979ed4681e9ffd26e14ec5cd8f6859dec969ceb22967ae92c19001ca4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XAN8KNubK5B0LDKQJimpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XAN8KNubK5B0LDKQJimpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 01:10:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 1155ms
110ms Image
image/gif 104.18.160.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 3081e00f-0484-4a69-9b80-a3b189417be8
x-envoy-upstream-service-time: 7
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3081e00f-0484-4a69-9b80-a3b189417be8
Last-Modified: Tue, 05 Mar 2024 01:10:27 GMT
Server: cloudflare
X-Trace: 2B0063B36C51E99B3E578660D6A8E41DFEECDD9B44000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-ndvzs
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 85f639f84f4338e2-YYZ

GET
H2 200 preload-base.900073ab.js Show response
front.optimonk.com/ 63 KB
20 KB 129ms
129ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.900073ab.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/177110/js/preload.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8f6d295acb5758e409b5045f8ce36f89611c7a973623b192650552a2fc7f26ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"fbcb-XSA9quXihvGQZz18EV9+bwDy+yA"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
589 B 103ms
103ms Image
image/gif 104.18.176.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 53a1d6e5-a035-4ea9-b472-89edc72bed89
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 53a1d6e5-a035-4ea9-b472-89edc72bed89
server: cloudflare
x-trace: 2B517B4AC0D678B3F865DADFA4198A3D8F3EAF8185000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-s6b6d
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 85f639f1ebf1a1f9-YYZ

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 570ms
105ms Image
text/plain 163.70.128.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1709601026868&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709601026866.1802195830&cs_est=true&ler=empty&cdl=API_unavailable&it=1709601026522&coo=false&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

163.70.128.35 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-03-cdg4.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 01:10:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 88A9 55 KB
25 KB 36ms
35ms Stylesheet
text/css 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&badge=inline&cb=w00xducdvla0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:12:04 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 88A9 492 KB
195 KB 55ms
54ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 14:28:45 GMT

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 26ms
25ms Script
application/javascript 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=984
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Date: Tue, 05 Mar 2024 01:10:26 GMT
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4y-mLy8VbjCz4K6njgcAYLa9598ET7Y5jyOafTo4PpwHZrNFAssizg==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 26ms
26ms Script
text/javascript 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=984
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding: gzip
Via: 1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
Date: Tue, 05 Mar 2024 01:08:38 GMT
Age: 108
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2023 16:22:01 GMT
Server: AmazonS3
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Y0wROBalq-2IPpMXP4wpmbQYLuNQ5MIBhyYWyt3im8xXXEFz1Mqtfw==

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

43 B
510 B

45ms
44ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
Date: Tue, 05 Mar 2024 01:10:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=V6a6c166cP0dv17w1N4IBw
https://d.adroll.com/cm/g/in

42 B
819 B

36ms
35ms

Image
image/gif

3.216.203.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 3.216.203.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-117.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:27 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026&C=1

43 B
338 B

73ms
72ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbBZ7T7kMApJurwDUKvuPz24lXjPIvjZWyDcOb%2FvpC4VIyYkqj2lQegEnGAK8gAchaRZNfUGD0VI29j4nK0SNxSPacxwxeJWKyZfbZBXzTogbym6v6gWtn%2Bg0tu3wo5fjOmjJlYu7ByFtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85f63a065f333704-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlU5ZldcVer%2Bpca%2B1wTK6NAIDyVqeaLKzDmd4xtfboFCK3VlnGxu0wz3C9klPWSPbNYTz9M3Nzu3XKwaO1WPhMnxYJ5tKUywOsa4fKumeS3jEUTew7k93slM%2B0chlxtbAfm%2BG405qy4t8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expiration=1741137026&C=1
cache-control: no-cache
cf-ray: 85f63a05fea63704-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://idsync.rlcdn.com/377928.gif?partner_uid=57a6ba735eba70fd1dbf5ef0d4de0807
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDcQABoNCIbima8GEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=ca1f5ddc5f5547457f0582d3dca14f4252200403994bacf55dc59acb2f8cdf8d791426b5417dce21&_=2

42 B
568 B

87ms
48ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&it=1&iv=ca1f5ddc5f5547457f0582d3dca14f4252200403994bacf55dc59acb2f8cdf8d791426b5417dce21&_=2
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 05 Mar 2024 01:10:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pippio.com/api/sync?pid=5324&it=1&iv=ca1f5ddc5f5547457f0582d3dca14f4252200403994bacf55dc59acb2f8cdf8d791426b5417dce21&_=2
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expires=365

42 B
977 B

3186ms
38ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: a0d1cefc91c6f8b22fd2adf3abe06a61
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&expires=365
pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent=

43 B
171 B

52ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=57a6ba735eba70fd1dbf5ef0d4de0807&gdpr=0&gdpr_consent=
date: Tue, 05 Mar 2024 01:10:30 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=&us_privacy=1---

0
360 B

3154ms
35ms

Image
text/plain

64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:30 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: f4ce62f2fafacc20041b1441b341d69e
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
539 B

3152ms
49ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 05 Mar 2024 01:10:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
120 B

39ms
39ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Tue, 05 Mar 2024 01:10:30 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

0
365 B

3160ms
51ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19270

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
pragma: no-cache
date: Tue, 05 Mar 2024 01:10:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://eb2.3lift.com/xuid?mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

40ms
40ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 05 Mar 2024 01:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 05 Mar 2024 01:10:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=f5ac016763e9b4862e16cc1390559e63-1709601026759&pv=48267240024.28315&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ib.adnxs.com/setuid?entity=172&code=NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

43 B
1 KB

36ms
36ms

Image
image/gif

68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:27 GMT
an-x-request-uuid: d1a85e16-d6e1-4992-b02a-307a64dbfd01
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.19.212.49; 37.19.212.49; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Mar 2024 01:10:27 GMT
an-x-request-uuid: ea4b1807-f3ee-4cdf-bb21-673ead3d56ff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
cache-control: no-store, no-cache, private
x-proxy-origin: 37.19.212.49; 37.19.212.49; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 336 KB
100 KB 75ms
25ms Script
application/javascript 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: VbMgk_gXghimoZRhj6QFui2WfE6aoopb
Content-Encoding: gzip
Via: 1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
Date: Mon, 04 Mar 2024 21:08:06 GMT
Age: 81002
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 19:15:34 GMT
Server: AmazonS3
Etag: W/"86fbdc8ff56a043dffe520cd42b1e7b9"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Fm1eD_UtocPx5T-jsYyzqkqq_eSnqWGd1hHuKAAXNeJ-qgg-FAUDlg==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 26ms
26ms Stylesheet
text/css 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
Date: Tue, 05 Mar 2024 01:10:26 GMT
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Etag: W/"3b96be16936102d8935969d4c53c212f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: AnalnGodXm-KdQE0ATjEvQJAsqeCG3c9DiDdGbhkb6rPgRlF3J_l2g==

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 88A9 17 KB
7 KB 36ms
35ms Script
text/javascript 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&badge=inline&cb=w00xducdvla0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 16:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 16:21:43 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 88A9 102 B
135 B 50ms
50ms Other
text/javascript 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&badge=inline&cb=w00xducdvla0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 01:10:27 GMT

POST
H2 200 load Show response
front.optimonk.com/public/177110/js/ 0
346 B 133ms
132ms XHR
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.900073ab.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 B
775 B 294ms
294ms XHR
binary/octet-stream 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes
Date: Tue, 05 Mar 2024 01:10:28 GMT
Via: 1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Etag: "99914b932bd37a50b983c5e7c90ae93b"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qeToH8jDWLwSqLZKTemKveP9SjGMENhvjTcFDp0VwLCHJGt9RtI00g==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 KB
2 KB 610ms
314ms XHR
binary/octet-stream 3.162.3.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-108.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

X-Amz-Version-Id: gdsCJ91e36preZqcIA6RaB5svplwGuhr
Date: Tue, 05 Mar 2024 01:10:28 GMT
Via: 1.1 24c2a7b3c7e677d544aa5e2a7eb85b4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 1697
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Etag: "04a72a37c10f648fb8263045b284cb6c"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Vary: Accept-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: tKUNhqLm1Nurel-7xqDFzREt608_jezko8o7boqqL_DWpsu74p6RaA==

GET
H/1.1 200
OK / Show response
api.icallback.convolo.ai/api/v1/ext/collect-data/ 16 B
291 B 609ms
121ms XHR
application/json 104.248.194.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.icallback.convolo.ai/api/v1/ext/collect-data/?visit_id=ac67e79c0d2b3ef47947c1738e35c737&params=%7B%22referer%22%3A%22%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36%22%2C%22title%22%3A%22AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net%22%7D
Requested by: Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.573f0d8f8fedb2d7b3fb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 104.248.194.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:27 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 16

GET
H2 200 css
fonts.googleapis.com/ 9 KB
917 B 46ms
45ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Requested by

Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.573f0d8f8fedb2d7b3fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 01:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 00:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 01:10:27 GMT

GET
H/1.1 200
OK / Show response
api.events.convolo.ai/api/v1/ext/register-event/ 16 B
291 B 1378ms
123ms XHR
application/json 134.122.60.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.events.convolo.ai/api/v1/ext/register-event/?event=INIT&visit_id=ac67e79c0d2b3ef47947c1738e35c737&params=%7B%7D
Requested by: Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.573f0d8f8fedb2d7b3fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.60.49 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:28 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 16

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a69f80a41d67db1d65201e37988539cc8598c58dd1136b18cbdfdd7b1978d6ab

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tenor.gif
testpage.convolo.ai//images/ 42 KB
42 KB 132ms
126ms Image
image/gif 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://testpage.convolo.ai//images/tenor.gif
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6437022dfef658c9c8f2098bd8033472e853eb8bb959fc4908e2bdb94adae67d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
last-modified: Sun, 03 Mar 2019 19:40:27 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5c7c2dab-a689"
content-length: 42633
content-type: image/gif

GET
H2 200 663ead3e63f8d79c2107ae68dcb5310221.png
app.leadconnect.cc/images/saved/ 2 KB
2 KB 111ms
110ms Image
image/png 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.leadconnect.cc/images/saved/663ead3e63f8d79c2107ae68dcb5310221.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
last-modified: Thu, 19 May 2022 16:42:48 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "62867388-8c9"
content-length: 2249
content-type: image/png

GET
H2 200 2f1346f2fea3a8494c5ee21763f59f8a.png
app.leadconnect.cc/images/saved/ 311 KB
311 KB 112ms
111ms Image
image/png 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.leadconnect.cc/images/saved/2f1346f2fea3a8494c5ee21763f59f8a.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7f79f6efe44385491775b8260407a13b69dadc5161d1005dc750d187135e39ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
last-modified: Fri, 09 Sep 2022 14:07:11 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "631b488f-4dbdf"
content-length: 318431
content-type: image/png

GET
H2 200 1f4de.svg
s.w.org/images/core/emoji/14.0.0/svg/ 391 B
703 B 56ms
17ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4de.svg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

75c52e1c16937c12b0237d384089300a6d05d8e12d390995674abe2e56886445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 05 Mar 2024 01:10:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 391
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 36ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:31:09 GMT
x-content-type-options: nosniff
age: 34758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 15:31:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 02:02:58 GMT
x-content-type-options: nosniff
age: 83249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 02:02:58 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 78ms
78ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6146FDABF3FC409EB1B31FB0AAEE1B4F Ref B: YTO01EDGE0411 Ref C: 2024-03-05T01:10:27Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://fraud.net
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYS34HwV6OGlNS6FmwfNg==

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 69B6 7 KB
1 KB 58ms
57ms Document
text/html 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

54f3687e1d092fd949c47207798b7866f9e4e23bf8e0b2b96a84b4a4f316baf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZUFcOi3F3ehyzZYtnSHeNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZUFcOi3F3ehyzZYtnSHeNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 01:10:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 osjlog
os.aggle.net/ Frame 0
0 96ms
95ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:27 GMT
server: gunicorn
vary: Origin

POST
H2 200 osjlog Show response
os.aggle.net/ 16 B
174 B 104ms
103ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 05 Mar 2024 01:10:27 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 16
vary: Origin
content-type: application/json

GET
H2

200

p.json Show response
alocdn.com/c/9rgi64bf/a/xtarget/
Redirect Chain

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

48 B
247 B

114ms
113ms

Fetch
application/json

44.231.247.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 44.231.247.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-247-170.us-west-2.compute.amazonaws.com
Software: Jetty(9.4.48.v20220622) /
Resource Hash: ad59384e0dee7482becbb4679b2d85154140ac3b8bb4b0d667ff001c803e0224

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 05 Mar 2024 01:10:28 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
server: Jetty(9.4.48.v20220622)
content-type: application/json

Redirect headers

date: Tue, 05 Mar 2024 01:10:27 GMT
server: Jetty(9.4.48.v20220622)
content-type: application/json
location: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
access-control-allow-origin: https://fraud.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 osjlog Show response
os.aggle.net/ 16 B
174 B 93ms
92ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 05 Mar 2024 01:10:27 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ 2 KB
2 KB 1102ms
28ms Script
application/javascript 23.44.203.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=append&pubid=techlist&puu=e08427da-dff1-4aa9-a876-447f6661f68b&dmn=fraud.net

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.89 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b717e31aa3594cbb5abecc099b7144bb38b12dd6ee3b749ed3e4ddf5c9e0ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1377
Expires: Tue, 05 Mar 2024 02:10:28 GMT

OPTIONS
H2 200 osjlog
os.aggle.net/ Frame 0
0 92ms
91ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:27 GMT
server: gunicorn
vary: Origin

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 69B6 55 KB
24 KB 37ms
36ms Stylesheet
text/css 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:12:04 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 69B6 492 KB
195 KB 49ms
48ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 14:28:45 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 69B6 20 KB
15 KB 82ms
81ms XHR
application/json 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

6a7702d12283cd02359dc12a87d6a4c2b2af056fcfcb7a0d6b00634e2ca5c0ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 01:10:27 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
187 B 97ms
59ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 01:10:27 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 69B6 600 B
624 B 36ms
35ms Image
image/png 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 20:16:11 GMT
x-content-type-options: nosniff
age: 104056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 10 Mar 2024 20:16:11 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 69B6 530 B
554 B 39ms
38ms Image
image/png 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:04:36 GMT
x-content-type-options: nosniff
age: 489951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 09:04:36 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 69B6 665 B
689 B 38ms
37ms Image
image/png 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:04:36 GMT
x-content-type-options: nosniff
age: 489951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 09:04:36 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69B6 15 KB
15 KB 37ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 15:49:54 GMT
x-content-type-options: nosniff
age: 292833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Mar 2025 15:49:54 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69B6 15 KB
15 KB 52ms
51ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:10:36 GMT
x-content-type-options: nosniff
age: 39591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 14:10:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69B6 15 KB
15 KB 40ms
39ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:59:46 GMT
x-content-type-options: nosniff
age: 490241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 08:59:46 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 69B6 17 KB
7 KB 36ms
36ms Script
text/javascript 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 16:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 16:21:43 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 69B6 47 KB
47 KB 52ms
52ms Image
image/jpeg 172.253.122.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7SZeGhdO0yB5GSFX98me4SqOReXlLwB2zJOc8-pJBuibBRBGI9vRulazNgV1UKDAx_mzvwmTuYwMt8g_qgsYFANKqeVQlF0b_pTOxOsbCvRunJ2nzXDERBBrDqGwXEJO9A92wfX8fe5n8DhDWYtmCRXe_iv9cw2G2bGefJW8qitN0Rr6THPqXXhXst8olqi9yTk-hE&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f147.1e100.net

Software

GSE /

Resource Hash

56da2fb3b832f752a7da4bfff5b08ef87d36b23e3bc547cbcb0f686533eaad70

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:27 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 01:10:27 GMT

OPTIONS
H2 200 idsync
os.aggle.net/ Frame 0
0 92ms
91ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/idsync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:28 GMT
server: gunicorn
vary: Origin

OPTIONS
H2 200 osjlog
os.aggle.net/ Frame 0
0 105ms
105ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:28 GMT
server: gunicorn
vary: Origin

POST
H2 200 idsync Show response
os.aggle.net/ 264 B
803 B 600ms
599ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/idsync
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 388257d9650e068daaad1f4783c931b6253da76571884e92023aa59747ed0b64

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:28 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
content-length: 264
expires: Tue, 05 Mar 2024 01:10:29 GMT

POST
H2 200 osjlog Show response
os.aggle.net/ 16 B
174 B 92ms
92ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 05 Mar 2024 01:10:28 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 igfad
aggle.net/ 43 B
698 B 265ms
102ms Image
image/gif 15.197.179.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aggle.net/igfad?pid=A7D4T45C&pih1=69ea4cc2579f1ef784ca162379764611
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Tue, 05 Mar 2024 01:10:29 GMT
date: Tue, 05 Mar 2024 01:10:28 GMT
cache-control: no-cache, no-store
content-type: image/gif
server: gunicorn
content-length: 43
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 5F62 35 KB
12 KB 39ms
39ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 05 Mar 2024 01:10:28 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame 5F62 50 KB
14 KB 37ms
37ms Script
text/javascript 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 05 Mar 2024 20:16:12 GMT

GET
H/1.1 200
OK t_.htm Show response
pxdrop.lijit.com/a/ Frame F2E6 2 KB
1 KB 29ms
28ms Document
text/html 23.44.203.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1298.699&cid=c026&cls=append
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=append&pubid=techlist&puu=e08427da-dff1-4aa9-a876-447f6661f68b&dmn=fraud.net
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.89 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 05 Mar 2024 01:10:28 GMT
Expires: Tue, 12 Mar 2024 01:10:28 GMT
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
pxdrop.lijit.com/1.1298.699/a/CA/ Frame 8D29 19 KB
8 KB 31ms
31ms Script
text/javascript 23.44.203.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1.1298.699/a/CA/t_.js?cid=c026&cls=append
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1298.699&cid=c026&cls=append
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.89 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a20dbc75e35e9bdc1bd0184302ba865ead4628240b936b438196a95a8d36e36c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.1298.699&cid=c026&cls=append
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:28 GMT
Content-Encoding: gzip
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8381
Expires: Tue, 12 Mar 2024 01:10:28 GMT

GET
H/1.1 204
No Content a.gif
pxdrop.lijit.com/d/ Frame 8D29 0
225 B 29ms
28ms Image
text/plain 23.44.203.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxdrop.lijit.com/d/a.gif?cls=append&pubid=techlist&puu=e08427da-dff1-4aa9-a876-447f6661f68b&dmn=fraud.net&tt=t.dhj&cid=c026&lbl=lijit&flbl=pxcel&ll=d&ver=1.1298.699&ell=d&cck=ljt_reader&pn=%2F&qs=na&rdn=fraud.net&rpn=%2F&rqs=na&cc=CA&cont=NA&evid=QoXKM4YA5YgSFVrfCTpF&urls=&rnd=1709601028625&cid=c026&version=1.1298.699&cc=CA&cont=NA&cls=append&repeat=0&htmLcy=35
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.89 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-89.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pxdrop.lijit.com/a/t_.htm?ver=1.1298.699&cid=c026&cls=append
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Mar 2024 01:10:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 05 Mar 2024 01:10:28 GMT

GET
H/1.1 200
OK / Show response
api.events.convolo.ai/api/v1/ext/register-event/ 16 B
291 B 124ms
123ms XHR
application/json 134.122.60.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.events.convolo.ai/api/v1/ext/register-event/?event=OPENED_BY_TIMEOUT&visit_id=ac67e79c0d2b3ef47947c1738e35c737&params=%7B%7D
Requested by: Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.573f0d8f8fedb2d7b3fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.60.49 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 01:10:29 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 16

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 135ms
90ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1755828995&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1709601030364&vi=b41d2ecf723ba12c94f0572507c8e2a8&nc=true&u=57037109.b41d2ecf723ba12c94f0572507c8e2a8.1709601030360.1709601030360.1709601030360.1&b=57037109.1.1709601030361&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0b73018d-522e-4e5e-829d-6a5f773b1155
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0b73018d-522e-4e5e-829d-6a5f773b1155
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7qrmRtqIu4jiByVAZN9tAgYQO%2FOXEP5TdjYUpkMF8QvWa0XS7kopyHse6At2ybf83KkyH7ORvCiInQx%2BnWq91o1fBPumZYD846qh9ur6au5X4V5zjRZeqxnu8HkYYpmtZxy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-9lgsc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85f63a081db45431-YYZ
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
742 B 162ms
121ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=bade1e1c-d3bd-49ea-b9d0-3e9dbfc3e21c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1755828995&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1709601030365&vi=b41d2ecf723ba12c94f0572507c8e2a8&nc=true&u=57037109.b41d2ecf723ba12c94f0572507c8e2a8.1709601030360.1709601030360.1709601030360.1&b=57037109.1.1709601030361&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 93c7991f-004a-4f2b-8052-a5c04e1fc430
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 93c7991f-004a-4f2b-8052-a5c04e1fc430
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LZmdRD9z%2BfPrH4xCU3a1i3YW0qZWpIPxzxJz2%2F2mvfyKP6VWMqHIbN0jonjoGoR9JLsY8K%2FMhnnlf%2FqFCAIk0nDT4rxCt7sd4%2Fal0Q%2BqeBJIEdjZU%2FLuvYuAzF1prZ9bwas"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-scd75
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85f63a081dbb5431-YYZ
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 122ms
117ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=b41d2ecf723ba12c94f0572507c8e2a8&__hstc=57037109.b41d2ecf723ba12c94f0572507c8e2a8.1709601030360.1709601030360.1709601030360.1&__hssc=57037109.1.1709601030361&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32671e6fd862f94933b0d63245a20ce8c1ea5921a5c7c8fc1655265344889300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6b1cafc6-af31-4b95-b110-856c74d2ed71
content-encoding: br
x-envoy-upstream-service-time: 46
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6b1cafc6-af31-4b95-b110-856c74d2ed71
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0yPxT5vjMSXROtJOESVpKbdr1ENNO8q9iff4O4C3AY2UZ9pL%2BZybjWPT9QD9weL1Jx6aG0UKGwksLo4MvwI4bst8J0qZNIBaWmsZLpJwl3BMUztsi8dkryRiaWUWBu%2F3AiO"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85f63a07ee7154d9-YYZ
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-z8vxw

POST
H2 200 ostevnt Show response
os.aggle.net/ 16 B
447 B 609ms
609ms Fetch
application/json 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ostevnt
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 01:10:33 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
content-length: 16
expires: Tue, 05 Mar 2024 01:10:34 GMT

OPTIONS
H2 200 ostevnt
os.aggle.net/ Frame 0
0 92ms
92ms Preflight
text/html 52.37.152.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ostevnt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.37.152.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-152-76.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS, GET, HEAD
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 01:10:32 GMT
server: gunicorn
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:12:33	Name: _GRECAPTCHA Value: 09AOiBZIBMAWzKzUujaFcu-SpPgPv-2OF64ZF7shc_E6cUgqgse6zTe_vwc0eQDOuy7GV5w7IqfJLLtfxUvNIrEf0
fraud.net/	1970-01-21 03:38:57	Name: uncode_privacy[consent_types] Value: %5B%5D
.vimeo.com/	1970-01-20 18:53:22	Name: __cf_bm Value: JZBJz9K4YrtH9sJ4tX05Hu.N8vn0aFXwSKKSEUKiA9w-1709601025-1.0.1.1-svZ1FgSXXpjQILeRKqe_0LlCzHUWA9J42nDdCxzkzgvH1o2x5Wi3wXxzRoxADewf0tXh4qdZdbN_D7UM_hhklQ
.fraud.net/	1970-01-20 21:02:57	Name: _gcl_au Value: 1.1.60198894.1709601026
tracking.g2crowd.com/	1970-01-20 19:13:30	Name: _session_id Value: bed3364169f977e04c3a1dc0e5c789d8
.g2crowd.com/	1970-01-20 18:53:22	Name: __cf_bm Value: ZRF4SVAHn5AMJFvQ9QPfAbgv.ME8jA.rQawWj_HfqtM-1709601025-1.0.1.1-nB11ir9uGvHCRy4hNSlQbVjObZ2fjH92n5avFdDqqpW5YCAo5xRRJ9Q8GoHWWay_za2dcLq3n2kRktO7ggXA7w
.ws.zoominfo.com/	1970-01-21 03:38:57	Name: visitorId Value: eb180982cab4782499e324cb291a3da3a85eeaa5ba83027c6f2916e0df961625
.zoominfo.com/	1970-01-20 18:53:22	Name: __cf_bm Value: YWWSCpvc8F6BXrHxytrPSnpJ8R7ozRnZA_T1bqJR_og-1709601026-1.0.1.1-k00UN7fuMkHp7qKjuLP6H.elP4tJhXfUNdF0OhKrcN6QbidQax3ecUf7sLfXLtXtWnezg03KkE1rPN0oDv8Vag
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: oNHi6HZ4SCaxijA_OZ5cxFlfWyMaFa_fa_bVfybJpSE-1709601026018-0.0.1.1-604800000
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: EjKEBJwrK5w69Rs2cAp9DYuwa8QxYz2Bk6n5a2pnpRM-1709601026078-0.0.1.1-604800000
fraud.net/	1970-01-21 03:38:57	Name: optiMonkClientId Value: 7f2f0d9c-f1e1-3417-d1ed-f03772a0de7a
.fraud.net/	1970-01-21 04:29:21	Name: _ga_GPKLFPPQY0 Value: GS1.1.1709601026.1.0.1709601026.60.0.0
fraud.net/	1970-01-20 18:53:22	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-21 04:29:21	Name: _sp_id.c750 Value: 79c61143-0ea3-42b3-ac17-ce408c3a17d2.1709601026.1.1709601026.1709601026.73de8e53-ebe4-46a0-9dae-9cdebaa6f0bd
.fraud.net/	1970-01-21 04:29:21	Name: _ga Value: GA1.2.1137313730.1709601026
.fraud.net/	1970-01-20 18:54:47	Name: _gid Value: GA1.2.1481774051.1709601026
.fraud.net/	1970-01-20 18:53:21	Name: _gat_UA-35675858-1 Value: 1
.fraud.net/	1970-01-20 18:54:47	Name: _uetsid Value: 264351a0da8d11ee87b58d7420c21aad
.fraud.net/	1970-01-21 04:14:57	Name: _uetvid Value: 26436ec0da8d11ee82a36fa2350fb603
fraud.net/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1709601026
.bing.com/	1970-01-21 04:14:57	Name: MUID Value: 18EFFA8A9E196DD73EB9EEB39FB36C2C
.bat.bing.com/	1970-01-20 19:03:25	Name: MR Value: 0
fraud.net/	1970-01-20 18:53:24	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 18:54:47	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 19:37:59	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-21 03:38:57	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-21 03:38:57	Name: _gauges_unique Value: 1
fraud.net/	1970-01-21 03:38:57	Name: optiMonkEmbedded177110 Value: N4IgFghgzgMglgWzgFwEoFMIGMzoCYgBcAZhADZToC+QA===
.d.adroll.com/	1970-01-21 04:22:09	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 04:22:09	Name: receive-cookie-deprecation Value: 1
.vimeo.com/	1970-01-21 04:29:21	Name: vuid Value: pl263881342.1680771319
.fraud.net/	1970-01-21 03:39:18	Name: __adroll_fpc Value: f5ac016763e9b4862e16cc1390559e63-1709601026759
.fraud.net/	1970-01-21 03:38:57	Name: _hjSessionUser_2001329 Value: eyJpZCI6IjIzNzI5MTk5LWIxN2YtNThkMS1hMTM4LTAwNTE4MjJlMDU3MyIsImNyZWF0ZWQiOjE3MDk2MDEwMjY4MDAsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-20 18:53:22	Name: _hjSession_2001329 Value: eyJpZCI6IjcwYzczNmRlLWQxMmEtNDNmOS1iYWRiLWZmOTJkOTEzYjczOCIsImMiOjE3MDk2MDEwMjY4MDEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.fraud.net/	1970-01-20 21:02:57	Name: _fbp Value: fb.1.1709601026866.1802195830
.fraud.net/	1970-01-21 03:38:57	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20240304%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20240304%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20240304%3A1
.linkedin.com/	1970-01-20 21:02:57	Name: li_sugr Value: 58651371-941c-4814-a6b8-34d3e9d17773
.linkedin.com/	1970-01-21 03:38:57	Name: bcookie Value: "v=2&b43ff1c0-286d-41b7-841f-488cf5499ad4"
.linkedin.com/	1970-01-20 18:54:47	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3173:u=1:x=1:i=1709601026:t=1709687426:v=2:sig=AQEA0AXZW2GhcUqdOWUbhpBEeoceymMK"
.linkedin.com/	1970-01-20 19:36:33	Name: UserMatchHistory Value: AQJCCSuYwtLrFwAAAY4MKXOthNu4Y9W9rbiHljeHHeEL_LCHXZJwmvbL4n9E_M45UlDVuKgogYOmpQ
.linkedin.com/	1970-01-20 19:36:33	Name: AnalyticsSyncHistory Value: AQKrl7xYzZwEGgAAAY4MKXOt9mmxqomb3VtaqeLoduq71HSC4_cQDMtQsQTEX4yx7Xk30DOrEbNOWBhRulVI2w
.doubleclick.net/	1970-01-21 04:29:21	Name: IDE Value: AHWqTUnrniNhAcaHwXSwOKLKw4crI3aXH8Lqwn3BPAu2zok2Yim00gZY6sdJPeHSa4s
.www.linkedin.com/	1970-01-21 03:38:57	Name: bscookie Value: "v=1&20240305011027602acd11-b4d3-48e6-8107-34317baf9d21AQHPUi5GgpvWSpfc4qUDQAqLYv8TgAgl"
.d.adroll.com/	1970-01-21 04:22:09	Name: __adroll Value: 57a6ba735eba70fd1dbf5ef0d4de0807-g_1709601027-a_1709601026
.adroll.com/	1970-01-21 04:22:09	Name: __adroll_shared Value: 57a6ba735eba70fd1dbf5ef0d4de0807-g_1709601027-a_1709601026
.adnxs.com/	1970-01-20 21:02:57	Name: XANDR_PANID Value: n-Vpt5Jb3vbiBBFDTYvYLG02AePyWeESk5K1XbguG3XCn8EfRDsiyJ9A-Mr9cvjB-dskowdCTT2YMmzb28ACkY7PvlIBb_uoOCdNhe7RvTI.
.adnxs.com/	1970-01-21 04:29:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:02:57	Name: uuid2 Value: 2830641911119118368
.adnxs.com/	1970-01-20 21:02:57	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2HaREJmw-!@wnfH1Ya.O4]7Q=E?-J0/ZGk2(WV8k1a_t9u)P#a`_6Dp!kJNSqbJr91t-^R`HMrfXFdNF!/i4CoP1wCrtOdCnY6-gX%L`
.alocdn.com/	1970-01-21 03:38:57	Name: uuid Value: 59894299-9a68-4ee7-9b08-46cf86ae804f
.3lift.com/	1970-01-20 21:02:57	Name: tluid Value: 807461196767046855872
.aggle.net/	1970-01-20 21:02:57	Name: aggsid Value: gAAAAABl5nEEZNrch3cczeagNgNagOQDMWPlfjM-9WIEfD-6ZAso2dmye7PaMS4szZbijg3BtqTnLR8K1-0r2lqkU0GGL4VBWdax8aiYPU47pQDUpRT3CHE
.lijit.com/	1970-01-20 18:54:47	Name: lijitAcc3PC Value: 1
.pxdrop.lijit.com/	1969-12-31 23:59:59	Name: lijitBcnLcy Value: 30
.aggle.net/	1970-01-20 21:02:57	Name: aggcid Value: e08427da-dff1-4aa9-a876-447f6661f68b
.aggle.net/	1970-01-20 21:02:57	Name: aggiid Value: gAAAAABl5nEEgD3V8QzowsdPF_7TdQWuSbTm5XvHr-05S3uwIbuqPI2zckhlgkXT8l1FUDw7bnP8It9NOdblgi_01SO_b6GwuT63TPyxRfq-FYSWrNiS1EAWTRkTEajSPz1lE2PT2Ut3
.rlcdn.com/	1970-01-21 03:38:57	Name: rlas3 Value: kGYXH0AEdL8axEmrDf2cuOgydzKeqd/g3IeZxL3Jqj4=
.casalemedia.com/	1970-01-21 03:38:57	Name: CMID Value: ZeZxBtHM6cwAAG.BABg9eQAA
.casalemedia.com/	1970-01-20 21:02:57	Name: CMPS Value: 3632
.casalemedia.com/	1970-01-20 21:02:57	Name: CMPRO Value: 3632
.openx.net/	1970-01-21 03:38:57	Name: i Value: cf1f9c8e-bd8a-45bc-8376-92df1390fda0\|1709601030
.pubmatic.com/	1970-01-20 21:02:57	Name: KRTBCOOKIE_10 Value: 22808-NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&KRTB&22883-NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc&KRTB&23504-NTdhNmJhNzM1ZWJhNzBmZDFkYmY1ZWYwZDRkZTA4MDc
.pubmatic.com/	1970-01-20 19:36:33	Name: PugT Value: 1709601029
.taboola.com/	1970-01-21 03:38:57	Name: t_gid Value: 26723159-f4eb-44c1-b941-81bdc79ecd2b-tuctcdff686
.taboola.com/	1970-01-21 03:38:57	Name: t_pt_gid Value: 26723159-f4eb-44c1-b941-81bdc79ecd2b-tuctcdff686
.bidswitch.net/	1970-01-21 03:38:57	Name: tuuid Value: b9795191-5881-4f1e-8d91-6ca12f37bda5
.bidswitch.net/	1970-01-21 03:38:57	Name: c Value: 1709601030
.bidswitch.net/	1970-01-21 03:38:57	Name: tuuid_lu Value: 1709601030
.rlcdn.com/	1970-01-20 20:19:45	Name: pxrc Value: CIbima8GEgUI6AcQABIFCOhHEAA=
.rubiconproject.com/	1970-01-21 03:38:57	Name: khaos Value: LTDOB9C4-1H-6J0P
.rubiconproject.com/	1970-01-21 03:38:57	Name: audit Value: 1\|eJ2Vfc5rDM2Qyd6Tg4mAcQJeE23Fleal2dD90gUA/P0CaXVZfvB2KfSSprYL7w7CKFjZTpW62FCM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDtadSG9pGVQ4MKPQ72mb3UtJzoCTlJU6VUlWVQ0voPAdnLIYChwSLJYpdJZ7Y0htnAA5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-20 21:02:57	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 03:39:18	Name: A3 Value: d=AQABBAZx5mUCEA2Hh4Z_ZralwQW9aYP2YPkFEgEBAQHC52XwZSXaxyMA_eMAAA&S=AQAAAqZJZn32wIysy6n-JHA7mjw
.analytics.yahoo.com/	1970-01-21 03:38:57	Name: IDSYNC Value: 1770~2h41
.pippio.com/	1970-01-21 03:38:57	Name: did Value: e4g-_XGYikf5eauY
.pippio.com/	1970-01-21 03:38:57	Name: didts Value: 1709601030
.pippio.com/	1970-01-20 20:19:45	Name: nnls Value:
.pippio.com/	1970-01-20 20:19:45	Name: pxrc Value: CAA=
.fraud.net/	1970-01-20 23:12:33	Name: __hstc Value: 57037109.b41d2ecf723ba12c94f0572507c8e2a8.1709601030360.1709601030360.1709601030360.1
.fraud.net/	1970-01-20 23:12:33	Name: hubspotutk Value: b41d2ecf723ba12c94f0572507c8e2a8
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 18:53:22	Name: __hssc Value: 57037109.1.1709601030361
.hubspot.com/	1970-01-20 18:53:22	Name: __cf_bm Value: .IGzQDajyGkh7qLyVDbWHgMBREQAkdf2QBhpK3jIMvE-1709601030-1.0.1.1-joV8CX3D2LlalF7MjmWHj_MiFjwTRja6XNSM4uSeAO_SSKdm5y3oQEEmyzRqQWwvpMQo7rFWgc3_nOEDj69fKw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: KRVaVXuZFx28457gb6VEek0fmdgpZBDYKlUvzBh.1uA-1709601030520-0.0.1.1-604800000
.aggle.net/	1970-01-20 21:02:57	Name: aggpid Value: gAAAAABl5nEJqfkNCJw-zBseY65sWlLFTvbu4oc10wyWHuqRygcDxfWWOjoW0shvU06rSg-Y8KDG1yI6pwvcSMCh8mV63IYuXm5oMsSXxBJbWwckIFwToju07XgspHS8aRZp3N8ux9Dp

186 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 730) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/(Line 741) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()
other	warning	URL: https://fraud.net/(Line 1050) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/(Line 1066) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/(Line 1066) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1567786626743241?v=2.9.148&r=stable&domain=fraud.net&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fraud.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149360532.v2.pressablecdn.com
aggle.net
alocdn.com
analytics.google.com
api.events.convolo.ai
api.icallback.convolo.ai
app.convolo.ai
app.leadconnect.cc
archiescloud.com
bat.bing.com
cdn-account.optimonk.com
cm.g.doubleclick.net
connect.facebook.net
cta-service-cms2.hubspot.com
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
fraud.net
fresnel.vimeocdn.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
i.vimeocdn.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
media.fraud.net
onsite.optimonk.com
os.aggle.net
perf-na1.hsforms.com
pippio.com
pixel.rubiconproject.com
player.vimeo.com
px.ads.linkedin.com
pxdrop.lijit.com
s.adroll.com
s.opensend.com
s.w.org
script.hotjar.com
secure.gaug.es
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
testpage.convolo.ai
track.cbdatatracker.com
track.hubspot.com
tracking.g2crowd.com
ups.analytics.yahoo.com
us-u.openx.net
vc.hotjar.io
vimeo.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
device.fraud.net
104.16.136.15
104.16.137.206
104.16.191.89
104.16.76.186
104.17.89.154
104.18.124.12
104.18.160.125
104.18.176.125
104.18.192.125
104.18.34.229
104.18.36.155
104.19.154.83
104.19.155.83
104.248.194.21
107.178.254.65
13.107.21.200
13.107.42.14
13.225.195.24
13.225.195.69
134.122.57.141
134.122.60.49
141.226.224.48
142.251.16.156
142.251.16.94
142.251.163.154
142.251.163.94
146.75.30.109
148.59.128.196
15.197.179.7
151.101.192.217
162.159.128.61
163.70.128.23
163.70.128.35
172.253.122.101
172.253.122.147
172.253.62.94
172.253.62.97
172.253.63.155
172.253.63.95
172.64.144.225
18.67.65.129
188.166.193.169
192.0.77.39
192.0.77.48
199.16.173.27
216.239.38.178
23.40.207.227
23.44.203.89
3.162.3.108
3.162.3.66
3.162.3.96
3.216.203.117
3.33.152.147
34.117.177.207
34.120.202.204
34.200.65.202
35.211.178.172
35.244.154.8
35.244.159.8
37.19.207.34
44.231.247.170
52.223.22.214
52.37.152.76
54.209.50.46
64.202.112.127
68.67.179.87
69.173.151.100
8.28.7.83
0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7
04ba75a73777c96a97a6ebf973bd2b6182d76997333824b7fa27a4dcef19aafa
04d3faf7fcc2467132db8f3a709237b27410d2cd7c5c200c2fb0f973013abdc4
07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f
0938fcdcbd45788d0cf88429067c7b505bb93ae3b2d44b5968914d53c8cc09ab
0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
0fddf53979ed4681e9ffd26e14ec5cd8f6859dec969ceb22967ae92c19001ca4
1054650aaad2b126aa97e4b6f2a4caf3d996a87707100dfbe77819b65f0f005c
15c15643141bd4c8fb383b7e2c4d8406a7bdf5d31d2e648126c0f6d5a9a85f24
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2017e4b8e2b04c8305a4ad71ad1c4cb40ebe8414d779f9ed27c1b0cad0446e23
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
26ab1e1eeca5b1289daa3d87aaf2e04534286ddb4f159bf83fb0c63f87ab1964
27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
2d11d1670725ef460f0c38c42d6bd2b88ecd4d505bbb4a335f74b002bd1eefd9
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
32671e6fd862f94933b0d63245a20ce8c1ea5921a5c7c8fc1655265344889300
38201f49004c4d534c20a9e60afdb583fafdea5ac7daa8cd7bc57f4078f25b83
388257d9650e068daaad1f4783c931b6253da76571884e92023aa59747ed0b64
3b717e31aa3594cbb5abecc099b7144bb38b12dd6ee3b749ed3e4ddf5c9e0ec4
3c2acc19291068a85aa17a541593a525cb4133a2d593770885793757368f8533
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449a607424de8313b9432f4c9cd1a4c88c68f06d169ce0019540f5886d20d6bb
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
480a56bf31ba28d6c22331660770cfda42f682b64767dbc48235f863de01a8c9
487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4de50d0f0563103a9a51080cd303fa3c61b059189411435bf36a884bcc7ddd86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f783b7af4b0e80fca38a57b25d2d364cfda53838b97815e500f39860d748584
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f3687e1d092fd949c47207798b7866f9e4e23bf8e0b2b96a84b4a4f316baf0
55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56da2fb3b832f752a7da4bfff5b08ef87d36b23e3bc547cbcb0f686533eaad70
598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28
5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
63d372bb317e16f8be6641cd69b889103df8c8987205d12c5f758fd2b1a4d69f
6437022dfef658c9c8f2098bd8033472e853eb8bb959fc4908e2bdb94adae67d
64e1b0c75d8227ddab7862c64b7c48d18e3e9729432ada838d16abab849ca81c
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
6972b66b95853b03c2bc72665973cc84fc1228c191d43e911ed6aa8e43331b91
6a7702d12283cd02359dc12a87d6a4c2b2af056fcfcb7a0d6b00634e2ca5c0ee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708
70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74
712e285c3d25c47a89f84c5c692ae865dca2669b508d86c7ce4f23f53d8ef23c
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
73a99604e8fb985f9e7effbbc9a8e4ef9bc8e14a0b5fa711631a14ec6a48ebf7
74e27f27b84e9ec7b127a76e11748435fdbb7827f80d42fd8e76dd49e7d00815
75c52e1c16937c12b0237d384089300a6d05d8e12d390995674abe2e56886445
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
7aab53c8ee27291e41a23076e60add62a812f1b077e0207df006cb90bbfa71dd
7e76ff512d5f00b42635a11ba8f0d158ba01fe3a8ce5eed40fef81a26ee613e9
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19
7f1c808ada1dfba89cee8e564f6e0c317d5641568e53639123c1fcdcbc7ae76a
7f79f6efe44385491775b8260407a13b69dadc5161d1005dc750d187135e39ed
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840cd5bf0aab9a5f4e41d3c63763b742d7b5c0c7d45dac9f7d6d9198698e320a
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8a7e18cd7d6f43fe4c0d4ee7bbdcc9d8d8b944b5d7b488bb1d0943ded77203b7
8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b
8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
8f6d295acb5758e409b5045f8ce36f89611c7a973623b192650552a2fc7f26ba
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276
9801c8c01f4b6f9a836df270946d8eeffe8f2d0db88013654b38d4a1c6ab6fe9
989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9ff28263116736c7c7ef73a0fa1420c7add46fe9ff53748a2db0a1f5c8a998b8
a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3
a20dbc75e35e9bdc1bd0184302ba865ead4628240b936b438196a95a8d36e36c
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
a69f80a41d67db1d65201e37988539cc8598c58dd1136b18cbdfdd7b1978d6ab
ad59384e0dee7482becbb4679b2d85154140ac3b8bb4b0d667ff001c803e0224
ad5ed5ee34c091c5aa7c83bb8d34af4b0bd6fbcd3ae65e03b136df93cab689c5
ae61eee52a74b081700b0d5e04f90dc0472f834b50da52075259a9c152545674
ae9b4d12d3c7a3144e8f19449c075892563dedf78bcde3cd99a3ba712a9258f7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aec9f4f7455da97df0df620ef3773a19089cd36b9af30fc0fc90f79eb8e7f869
af151592386fa0fbeb1de70e7cfad51720dc99626d92070cc40ba74fdbc1e85a
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b4c75349aec71c33e98eedabf73a5b54d8071b1a0eca3d0cf8309a33a8c1b405
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe
b715034010b1479e7a4a2e5d571689fd05142a6a765fa341fb8f61e9ce576329
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd0c5706a71257dc4726833b8dbccf0bade6d725fa058700e3c3e9415c0cd0c
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c08008fb0ee7a04923cca99b60b2421a77dd409ac8942ed02731107c594f6da8
c2f458baa5e4e762a8c527be2385cac2a95152ec8931b09e985df7ad6e575088
c7cafdd33dddd9b590db1197febe5659f7ca3ff90d968cb30e010245f4ffa4d2
c864ba3177bceaf4e8dc920603894239744114723f7640a01e1ef7fbbc0d26af
c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c90fa12377dca0cca457f2e3cf34e10ab941944605e67237ea5584a7d66a34c7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
ceec890d5bd5186e78bad7f451885f1603fc4d64d793554d26889a60aad73ef0
d2010928cee8b22d12511c1f686781454cdf9eb5e8d2860f1110420d8f23526a
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e
daee12829489482aa26dec2daf699ffbbf1635fa4c5341348b28582ed0330e31
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de23120c819f0b91203a2ac065e465ae21b0c926d5b93ce7f6709fcc064ebea8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e061ae2e26263c053a592e12c426bf56c7c7c9a855d1a4c60ec72a512cd37374
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e30866264b10deeab90af739d9431f7900b8483e6d20ae91b17db5d195f995b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e6d5cb873a1f0ff9658cd5b61e067f2d488773a3ecae800d479722fef7200726
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
e99c15ba681a7f4008c5c2457c9f376265dd0fb80327141c905dbd83f9ae62d5
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1562cbb77b3b31a5db8ea5ea2b352a84c90c18dad4cd6d467aa95dc668f6f1a
f35c2e92888e9c429528a68873eef50cbc4115ecb5cb8376663a71e8c5768ba7
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

fraud.net Open in urlscan Pro 199.16.173.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

92 %HTTPS

0 %IPv6

52 Domains

78 Subdomains

66 IPs

6 Countries

5261 kBTransfer

12746 kBSize

85 Cookies

7 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

92 %
HTTPS

0 %
IPv6

52
Domains

78
Subdomains

66
IPs

6
Countries

5261 kB
Transfer

12746 kB
Size

85
Cookies

227 HTTP transactions
5 data transactions