fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fraud.net/
Submission: On June 29 via api (June 29th 2022, 11:27:53 pm UTC) from CH — Scanned from DE

Summary HTTP 207 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 59 IPs in 6 countries across 45 domains to perform 207 HTTP transactions. The main IP is 199.16.173.27, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 165089.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	199.16.173.27 199.16.173.27	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
57	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
4	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
2 13	2600:9000:206... 2600:9000:206f:2000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.52 143.204.215.52	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	18.209.77.242 18.209.77.242	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.4.22 99.86.4.22	16509 (AMAZON-02) (AMAZON-02)
5	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	52.0.155.81 52.0.155.81	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
12 15	54.171.137.8 54.171.137.8	16509 (AMAZON-02) (AMAZON-02)
2	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2620:1ec:27::... 2620:1ec:27::cafe:1995	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	34.253.52.76 34.253.52.76	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	34.117.177.207 34.117.177.207	15169 (GOOGLE) (GOOGLE)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	52.29.193.101 52.29.193.101	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6811:5d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
207	59

24 199.16.173.27 (United States)

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:206f:2000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-52.fra53.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.77.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-77-242.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-22.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.155.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-155-81.compute-1.amazonaws.com

device.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.171.137.8 (Dublin, Ireland) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1995 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.52.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.193.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:5d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	pressablecdn.com 149360532.v2.pressablecdn.com	3 MB
28	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 2305 d.adroll.com — Cisco Umbrella Rank: 1568	143 KB
27	fraud.net fraud.net — Cisco Umbrella Rank: 165089 media.fraud.net — Cisco Umbrella Rank: 190135 device.fraud.net — Cisco Umbrella Rank: 345216	189 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	804 KB
9	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4290 forms.hubspot.com — Cisco Umbrella Rank: 3073 app.hubspot.com — Cisco Umbrella Rank: 5854 track.hubspot.com — Cisco Umbrella Rank: 2144	26 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 b.clarity.ms — Cisco Umbrella Rank: 5183 c.clarity.ms — Cisco Umbrella Rank: 1113	25 KB
7	google.com www.google.com — Cisco Umbrella Rank: 8	72 KB
7	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 3084 f.vimeocdn.com — Cisco Umbrella Rank: 3222 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3078	256 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6868	263 KB
5	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 22058 gs-cdn.optimonk.com — Cisco Umbrella Rank: 26794 jfapiprod.optimonk.com — Cisco Umbrella Rank: 24440	51 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4450 perf.hsforms.com — Cisco Umbrella Rank: 9837	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	68 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1801 vimeo.com — Cisco Umbrella Rank: 1664	18 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1560	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	402 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	63 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	2 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	2 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 29432	4 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 6870	3 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 412	18 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 387	275 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 1058	194 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 410	140 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 947	90 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 865	493 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 694	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 5448	548 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5004	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4068	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	16 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4780	21 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5501	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	1010 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6630	147 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	69 KB
207	45

	Domain	Requested by
57	149360532.v2.pressablecdn.com	fraud.net
24	fraud.net	fraud.net 149360532.v2.pressablecdn.com
15	d.adroll.com	12 redirects s.adroll.com fraud.net
13	s.adroll.com	2 redirects www.googletagmanager.com fraud.net s.adroll.com d.adroll.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	js.hsforms.net fraud.net www.gstatic.com www.google.com
7	fonts.gstatic.com	fraud.net
5	static.hsappstatic.net	app.hubspot.com
4	api.hubspot.com	js.usemessages.com static.hsappstatic.net app.hubspot.com
3	bam-cell.nr-data.net	app.hubspot.com
3	b.clarity.ms	www.clarity.ms
3	www.facebook.com	fraud.net
3	f.vimeocdn.com	player.vimeo.com
3	front.optimonk.com	fraud.net front.optimonk.com
3	forms.hsforms.com	js.hsforms.net fraud.net
3	connect.facebook.net	fraud.net connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	player.vimeo.com	fraud.net
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	ib.adnxs.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	device.fraud.net	media.fraud.net
2	px.ads.linkedin.com	2 redirects
2	i.vimeocdn.com	player.vimeo.com
2	secure.gaug.es	fraud.net
1	cdn2.hubspot.net
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	app.hubspot.com
1	perf.hsforms.com	fraud.net
1	app.hubspot.com	js.usemessages.com
1	cm.g.doubleclick.net	1 redirects
1	us-u.openx.net	fraud.net
1	ads.yahoo.com	fraud.net
1	eb2.3lift.com	fraud.net
1	sync.taboola.com	fraud.net
1	image2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	in.hotjar.com	script.hotjar.com
1	www.google.de	fraud.net
1	gs-cdn.optimonk.com	front.optimonk.com
1	vimeo.com	f.vimeocdn.com
1	vars.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	px4.ads.linkedin.com	fraud.net
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	fraud.net
1	www.googletagmanager.com	fraud.net
207	67

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.fraud.net Amazon	`2021-10-11` - `2022-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2022-02-18` - `2023-03-20`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-06-07` - `2022-09-05`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-03-18` - `2023-03-17`	a year	crt.sh
gs-cdn.optimonk.com R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://fraud.net/
Frame ID: 5827F266446AFBBE4D6BF85D0A83F495
Requests: 168 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: 3B9E25B633447E91AFC95525A2CD50CB
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: B53292E5D34A85617C21553E18CB8D54
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 738EB743EB12411354AE8D6EC62DF293
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=jtwe0yrlqc02
Frame ID: 50CBDA98C92169D9F25F59590B26A898
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2A071481C90AC054BD16072B7EEEE618
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 0019F66417E4AB97A7E5C97AA5F91472
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fraud.net | AI Fraud Detection and Prevention for Enterprises

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

207
Requests

92 %
HTTPS

47 %
IPv6

45
Domains

67
Subdomains

59
IPs

6
Countries

5561 kB
Transfer

12171 kB
Size

68
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 101

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 107

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1656545266223%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQLfA2TpK0PLhQAAAYGxysz0CCCAMS5QCli4iHyfzRBl2SKiRGygkwII06yxGliIOVBNtHmj

Request Chain 140

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=74547720206.88911&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 153

https://d.adroll.com/cm/index/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266&C=1

Request Chain 154

https://d.adroll.com/cm/n/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expires=365

Request Chain 155

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

Request Chain 156

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 157

https://d.adroll.com/cm/taboola/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

Request Chain 158

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&dongle=c85e

Request Chain 159

https://d.adroll.com/cm/r/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 160

https://d.adroll.com/cm/b/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

Request Chain 161

https://d.adroll.com/cm/x/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

Request Chain 163

https://d.adroll.com/cm/o/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=984fa95a00482e8a7d18d40fccc5840e&gdpr=1&gdpr_consent=

Request Chain 164

https://d.adroll.com/cm/g/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mE-pWgBILop9GNQPzMWEDg HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 190

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&RedC=c.clarity.ms&MXFR=15472A33F6BA617102873BE1F2BA6F76 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&MUID=315EE14BBF856B8F3204F099BEEE6A29

207 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fraud.net/ 154 KB
25 KB 1295ms
1254ms Document
text/html 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79c9df4ce4d6688a62253d0c2c7f32ecb27ea683f7e593b265371f4375ab4bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 Jun 2022 23:27:45 GMT
host-header: Pressable
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.hhn _atomic_ams
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 1652993086-cssae156566e3b894605b8817a305298ec8ca0450d52f8e56df901e191854ace.css
fraud.net/wp-content/cache/fvm/min/ 82 KB
11 KB 118ms
116ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-cssae156566e3b894605b8817a305298ec8ca0450d52f8e56df901e191854ace.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

49f4b8f74f0057a33c9c7a9e0333477a9b8588104b6c6b3ae2da4f33a4664ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 24 May 2022 21:04:56 GMT
server: nginx
etag: W/"628d4878-14630"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css
fraud.net/wp-content/cache/fvm/min/ 5 KB
683 B 112ms
111ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

708eda67c33efe4faab84ee6f81f69d28c38d7584c8716b2dc16a049d133c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-142d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css51a0dc408bb3461f863cd0917e1db42b1f3b4f178d10fa2d24f6ab79a2339.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1 KB 124ms
122ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css51a0dc408bb3461f863cd0917e1db42b1f3b4f178d10fa2d24f6ab79a2339.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

36d917fd43e64fdc614835cab757b6d79cd69209a68b451321cfa435b8860386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 24 May 2022 21:04:56 GMT
server: nginx
etag: W/"628d4878-1d02"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css6cecd94cddb4f9d7e67f6b23fb710604383f68c58a82a0f0f670161e97b63.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1 KB 110ms
108ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css6cecd94cddb4f9d7e67f6b23fb710604383f68c58a82a0f0f670161e97b63.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

05fc441485c38ec9788e204f015f8cafb4725fe282ba52f0d61a27cc9fe8d1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 24 May 2022 21:04:56 GMT
server: nginx
etag: W/"628d4878-1c98"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
3 KB 116ms
115ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

70e1167580f8ff73e8b5b68d837e09a675216ab29f0bc81931b1ca8c8b0a9a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-414f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css
fraud.net/wp-content/cache/fvm/min/ 4 KB
922 B 114ms
113ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3effa5429ad880eda7a2f410aabc03355ab50bda56390019c0e4577f1b5a00da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-113c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css
fraud.net/wp-content/cache/fvm/min/ 492 KB
70 KB 152ms
151ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

44d949ed99fb4895254e9b655291be8096ea66b282d5ab549062b908892f149a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:18 GMT
server: nginx
etag: W/"6286ac9a-7aeba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css
fraud.net/wp-content/cache/fvm/min/ 60 KB
12 KB 121ms
120ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:18 GMT
server: nginx
etag: W/"6286ac9a-f0cf"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css
fraud.net/wp-content/cache/fvm/min/ 246 KB
24 KB 131ms
130ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e2a15aea407608171d7de61ae39a04e98e57280800688cc05b54c82006d8cdb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:19 GMT
server: nginx
etag: W/"6286ac9b-3d991"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1652993086-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
5 KB 125ms
124ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fec978c0a4d98ce499aec165c8b4f638938b75782fc62d7ae3edd6a53f208a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:19 GMT
server: nginx
etag: W/"6286ac9b-4102"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
69 KB 143ms
53ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e93e7a98a1795f470f9346f7381b72965ff2c593a746718e440371aaae85fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69648
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 22:18:17 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Jun 2022 23:27:45 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 87 KB
31 KB 29ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 11 KB
4 KB 28ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
1 KB 109ms
108ms Script
application/javascript 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
etag: W/"62417c0f-e27"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 114 KB
25 KB 27ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4e41610204ac609bd419f80a40413771b11df011863735a9bdd84f5d51c7c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 21ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
2 KB 21ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1280px-Gartner_logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 21ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:20 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png>; rel="canonical"
content-length: 2561
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 21ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 21ms
15ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 21ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 21ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 22ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 22ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 20 KB
7 KB 77ms
29ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Age: 196
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-v114-82zp9
Connection: keep-alive
x-vserver: playproxy-prod-varnish-6
Content-Length: 6136
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19183-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1656545266.580151,VS0,VE0
x-backend-proxy: playproxy7
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Wed, 29 Jun 2022 23:32:10 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-v114-82zp9
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Accept-Ranges: bytes
CF-RAY: 72326f45c91b9a06-FRA
access-control-allow-origin: *
X-Cache-Hits: 47

GET
H2 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 22ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 22ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 22ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 22ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 22ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 22ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 22ms
17ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 22ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 22ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 22ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 22ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
520 B 22ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 22ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 22ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 22ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 22ms
19ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 22ms
19ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 22ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 23ms
20ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 72ms
33ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz14U0%2BIcDueHpDyMwA70jVkwtO9NvCMVVE1bSfOZQrDHdA6abUhjuUBo%2F4e%2FRx8mqlO6cplwcvDuY8vyxwsTYed32HmS5LYzGy%2BKL0J8nrtuGsyxnelIavU1fUrbW9Ggtj6B2Uqzi3J%2BbL4"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72326f45d9dd9a00-FRA
x-amz-cf-id: H2hJ3ZkiqtgHthal4SZgHFL9unDNXI9nlEDbKfAVz7OPN37G48n0Vw==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

GET
H2 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
10 KB 12ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 1 KB
740 B 14ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 14ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:32:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
1 KB 14ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:32:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 154 KB
38 KB 14ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 1 KB
644 B 14ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=f56cce9939b283a419f1fab3d6dd0312

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 906 B
566 B 16ms
9ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=f56cce9939b283a419f1fab3d6dd0312

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/wp-mediaelement.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 578 KB
160 KB 16ms
9ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 178 KB
40 KB 16ms
10ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b33deed37e74f16cf17b9164d63a89f7966b78e3ed76b2fdcf0248eb60f0b858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
605 B 16ms
10ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.17.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
70 KB 123ms
37ms Font
font/woff 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa7e58767024c50ef0fa632e01eba77015cbd603b0692ab483e8270c37b7745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:08:09 GMT
x-content-type-options: nosniff
age: 181176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70716
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 21:08:09 GMT

GET
H2 200 uncode-icons.woff
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 373 KB
374 KB 33ms
4ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff>; rel="canonical"
content-length: 382184
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
69 KB 178ms
104ms Font
font/woff 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:06:02 GMT
x-content-type-options: nosniff
age: 195703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70856
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 17:06:02 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
422 B 756ms
756ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eccd7c6d1e93a69b1ca4b50bb48e3359b2aa029b4ca854bd308fad32174c0af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
69 KB 97ms
79ms Font
font/woff 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c6cd85ee4d226f9ccf8d165ec9d44bbed7b3872a007c95567639345f0d511dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 16:41:27 GMT
x-content-type-options: nosniff
age: 197178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70572
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:41:27 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
465 B 826ms
826ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

46aedab68dfd1dbd62d158f44e0f4867424040521ace073d2cac8751e2a4a50c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff
fonts.gstatic.com/s/opensans/v29/ 67 KB
67 KB 114ms
114ms Font
font/woff 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca8f4dbd438e1cd09c1cc3566b135ec77fc1a553c180057e5e71b832c50cb036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:21:07 GMT
x-content-type-options: nosniff
age: 205598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68728
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:21:07 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
232 B 813ms
812ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7691709e6ed9c18787e38b8318d15eff9b1455f412f86ca90b27d6ac338dfcc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H/1.1 200
OK 235637953 Show response
player.vimeo.com/video/ Frame 3B9E 16 KB
9 KB 234ms
233ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e94860a4b96ad96ec36a7e5b9df06576a2145e14ff24a9ca3db254ad1456437

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 72326f46f9f09a06-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Jun 2022 23:27:45 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-fra19180-FRA
X-Timer: S1656545266.762957,VS0,VE199
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires: Wed, 29 Jun 2022 23:37:45 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy10
x-bapp-server: player-v114-mmtpb
x-content-type-options: nosniff
x-host: player-v114-mmtpb
x-varnish-cache: 0
x-vserver: playproxy-prod-varnish-9
x-xss-protection: 1; mode=block

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
358 B 813ms
813ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dd1265f45f58690e651a2795df3748cdcf49c21209e002296456f4799491ae6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
233 B 997ms
997ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e18926f5fdce4307ef7ec3bdc65329c50ba9231ddb8b1a4da8c8d83f7ae3e975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
expires: Wed, 06 Jul 2022 23:27:45 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
238 B 906ms
905ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

32f178050abd02f1449cc5b27e86a5017437fe5e67c7c689327dd0272316c210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
259 B 984ms
984ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

143e0208290495ac2cef8003d9ee91f29b35dd1258d5b048d7d592a8b58da19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
233 B 851ms
851ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8c43db75ba0b832516a5698991210808c1d06e45bb6b95d88b9ba336f3413766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
232 B 950ms
949ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7bd989795dc3899a9234869ec0bf8c7dee665a332ae8fc6f7cd34eb4df229048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
expires: Wed, 06 Jul 2022 23:27:45 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
487 B 880ms
880ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

52779a67150f625eba1a786dafffae9ddcbdbb0f3271bf5ee9332245988cd7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
expires: Wed, 06 Jul 2022 23:27:45 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 118 KB
43 KB 136ms
53ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PGJR3MN

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65502342e7cf974e77cf11306ba0c9286a871cee025ff1f39f22de317be5e838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44024
x-xss-protection: 0
expires: Wed, 29 Jun 2022 23:27:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 133ms
49ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 23:27:45 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 38ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=67739
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 63ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B794247D6F7F417EA02FA305D0C15180 Ref B: FRAEDGE1413 Ref C: 2022-06-29T23:27:45Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 29 Jun 2022 23:27:45 GMT
accept-ranges: bytes
content-length: 11374

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 7 KB
3 KB 48ms
10ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-34.fra56.r.cloudfront.net

Software

Resource Hash

ca39ac222b96ad03fed23dadf5a970f06e0fa546566e8fb22c32c1e1dd555f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 28
etag: W/fe66942662aedb90c7d0e89fa79fcfb4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -9kj_HizLkoxQp0Rrs-1b-erzGZfddTqbezNtCh1tqp1i0QK1GegKA==
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 50ms
10ms Script
text/javascript 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 162c738f4948e084faa0f32b9cab7d53cb3101173efe745beaa086767ea2c7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: zvxipRd5DdeWfCyACkfHDboSpygEpcO3
Content-Encoding: gzip
Etag: W/"1b72d223d028de1124fb30874c986716"
Age: 1309
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jun 2022 15:53:54 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:05:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: DC2-t3_hqmf6LMJTkXOtzimHOiX6qoOCC3bhJt2egYgZYG7hX13k1A==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
1010 B 154ms
123ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2113031.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 000a033dd889ce94c5ddda49b87ed3a9e78c19b941123c45f3cdf5c0e426ace3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 0db36dbd-03af-4d18-8b5c-1ce781f856a5
last-modified: Wed, 29 Jun 2022 19:45:00 GMT
server: cloudflare
x-trace: 2B8C31A73C1A10320FB4666EE470F06A0BAA67EC5C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 72326f4828549bf4-FRA
expires: Wed, 29 Jun 2022 23:28:46 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 74ms
15ms Script
application/javascript 143.204.215.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-52.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
age: 6
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
cache-control: max-age=300, no-transform, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: mPCFOfNg0lkd1B7aVFRc8ODmFiCs-QoEVGurDbQCNArsHRiMpvMbRg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 30ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: QW86g/+XxZGXGNmgUZku7HV1AqpeS2p8/q860oYKE1rLUPub6EdbOqy977l8TZCb4NtqAp5q8R2NPpit7r/ibw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 23:27:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 446ms
420ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0131bc8a05decd2012a41a0e2aee3bff340f1b311f132169463333021b024dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 72326f481a339b5d-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 282 B
245 B 1069ms
1069ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dddd61772cbcff08a8335f20961a7e4023d21e7cdd38c587b838d4f7c7881379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 7ms
6ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:45 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
expires: Wed, 06 Jul 2022 23:27:45 GMT

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ Frame 0
0 142ms
116ms Preflight
text/plain 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://fraud.net
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72326f487de1690a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 29 Jun 2022 23:27:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: ca8d81c3-1264-4f2c-90be-c060cdd23f84
x-robots-tag: none
x-trace: 2B76AFB8B659105F2156C283853285013629467169000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ 5 KB
2 KB 221ms
203ms XHR
application/json 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e3b1f3ac65a8112fa728b8874454d4876cf4d5787e08175abe9e6af80ef8322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: ae66f7e3-9d7c-4894-bebe-d4b1b40d4780
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B9F7AEB72CC71D45DB6B70EB935D1D44C9FE4BAE5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 72326f494c138fd1-FRA
access-control-allow-headers: *

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
253 B 912ms
912ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0743c423757d690a2b2e8ccdf9891c0662b01ff5d236f4e660d6bb19921468e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/177110/js/ 3 KB
2 KB 38ms
18ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/preload.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b3ae1db95ac322cbd656af3757878b35c4878e778fcf53a2cdade17fbadc21aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"da8-ZbyYu/fqA+mSmlOWAs2JOvgUQpc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 417ms
100ms Script
application/javascript 18.209.77.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.77.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-77-242.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:46 GMT
Last-Modified: Wed, 15 Dec 2021 05:45:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61b9810d-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

POST
H/1.1 204
No Content _csp
player.vimeo.com/ Frame 3B9E 0
1 KB 136ms
136ms Other
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/_csp

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/video/235637953?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Wed, 29 Jun 2022 23:27:46 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
X-Cache: MISS
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-v114-glxvd
Connection: keep-alive
Vary: Accept-Encoding
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19183-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1656545266.182251,VS0,VE108
x-backend-proxy: playproxy10
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=UTF-8
expires: Fri, 15 Dec 1985 19:30:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-v114-glxvd
content-security-policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Accept-Ranges: bytes
CF-RAY: 72326f498b969a06-FRA
X-Cache-Hits: 0

GET
H2 200 modules.e0f9a963b7d4b193cd64.js Show response
script.hotjar.com/ 243 KB
63 KB 34ms
7ms Script
application/javascript 99.86.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e0f9a963b7d4b193cd64.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-22.fra6.r.cloudfront.net

Software

Resource Hash

14985928b15bd12c655b3c4e2aa400bec14add042eef99423cf5f1b37631d54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35199
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64018
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 13:40:55 GMT
etag: "ed88526504ddc1265fe4032f28900bc6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vWg4kpfIubUkRbS1hjctiuslsi_D0B3P8qng1IwXCG4lgMQy_nN_Aw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

8ms
8ms

Script
application/javascript

2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 81817
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 00:44:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vc869WFJaF92wBrx9OqWzkNAv4y3rvW1JemvdyXyEzRn800q1DppTg==

Redirect headers

Date: Wed, 29 Jun 2022 04:43:26 GMT
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Age: 67460
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: --C-vFydAOe9UbMFv_D8Cl3U57OMTcYadj_aoS7xrLG6Uqh6_UENEg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

9ms
8ms

Script
application/javascript

2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 8028
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 21:15:09 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cC3ABHg8-_2Ei9H6smW7NfTZzFnD5n6_wChWTNvhJGQU2n3ktbLAXw==

Redirect headers

Date: Wed, 29 Jun 2022 10:22:37 GMT
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Age: 47108
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cPgba04AdJELpEbIpDAUt-YwMri5TnO582iTCb98QIDEs-B8e_AKUA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
807 B 23ms
8ms Script
text/javascript 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: ZRVtqpGOmnitFdfK.SWA9ct69DmnI7sK
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 28
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Sat, 25 Jun 2022 14:08:19 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Yk28V4bxANIvsTcZbtDYs9MCZ5WnMV6up8--hUFFU90a03tp_k5-Sw==

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg
i.vimeocdn.com/video/ Frame 3B9E 2 KB
2 KB 39ms
9ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 71e71947e14e056db8dfe955894ca7ae88b0dbe55dad48c6b9270de946b2ecb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1863229
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1659
viewmaster-server: viewmaster-us-central1-d04z
x-served-by: cache-dfw18657-DFW, cache-fra19182-FRA
x-timer: S1656545266.252708,VS0,VE1
etag: 81c15d4e4ece4e5dff2ba9c297822654
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/4.5.3/js/ Frame 3B9E 873 KB
205 KB 35ms
8ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.5.3/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 747de6a4fcd656b37cbcee5a4297bf474c3c2a37c0dde1a84aa03baa495e7bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 26558
x-served-by: cache-iad-kiad7000137-IAD, cache-fra19122-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1656545266.253469,VS0,VE0
content-length: 209895
x-cache-hits: 1, 14

GET
H2 200 player.css
f.vimeocdn.com/p/4.5.3/css/ Frame 3B9E 219 KB
21 KB 34ms
7ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.5.3/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2ab9eb77d4d236457b8be2564c0d99f3684dab8aa44cd3113a86de6dbea3ddea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 26559
x-served-by: cache-iad-kiad7000115-IAD, cache-fra19122-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1656545266.253485,VS0,VE0
content-length: 21167
x-cache-hits: 1, 12793

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 3B9E 2 KB
1 KB 35ms
7ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 3209
x-timer: S1656545266.253457,VS0,VE0
x-served-by: cache-iad-kjyo7100144-IAD, cache-fra19122-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 1, 417

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1656545266223%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQLfA2TpK0PLhQAAAYGxysz0CCCAMS5QCli4iHyfzRBl2SKiRGygkwII06yxGliIOVBNtHmj

0
266 B

195ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQLfA2TpK0PLhQAAAYGxysz0CCCAMS5QCli4iHyfzRBl2SKiRGygkwII06yxGliIOVBNtHmj
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F728DB36C34A49AFA4CECA391FE5E9EC Ref B: FRAEDGE1320 Ref C: 2022-06-29T23:27:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXinoAz3dKlkKy+zCgqXQ==
x-li-fabric: prod-ltx1

Redirect headers

date: Wed, 29 Jun 2022 23:27:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D164D08941B843FA809339BE53155C00 Ref B: FRAEDGE1107 Ref C: 2022-06-29T23:27:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1656545266223&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQLfA2TpK0PLhQAAAYGxysz0CCCAMS5QCli4iHyfzRBl2SKiRGygkwII06yxGliIOVBNtHmj
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXinoAwWSIp5Ll8vhQTzQ==

GET
H2 200 4000327.js Show response
bat.bing.com/p/action/ 218 B
475 B 166ms
166ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4000327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

49a3c422d58f6290447bce90a917d620f73930bb2948b8eefe6f35b297b5ba23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C491004832D049CD9B406637E5B9578B Ref B: FRAEDGE1413 Ref C: 2022-06-29T23:27:46Z
date: Wed, 29 Jun 2022 23:27:46 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=2e5c9473-c4e3-4e42-b5ee-d151ccb623ff&sid=14fbba40f80311ec8e55b3c61bfd16e6&vid=14fbe4e0f80311ec9dcc3df6b6180664&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&p=https%3A%2F%2Ffraud.net%2F&r=&lt=2124&evt=pageLoad&msclkid=N&sv=1&rn=601332

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F8B9115A5914189B3EF5A697AA0C6D7 Ref B: FRAEDGE1413 Ref C: 2022-06-29T23:27:46Z
date: Wed, 29 Jun 2022 23:27:46 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 47ms
16ms Script
application/javascript 2606:4700::6811:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 25
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10317/bundles/project.js&cfRay=72326eacd93b91d5-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 28 Jun 2022 08:24:15 UTC
server: cloudflare
etag: W/"ec888afa280a584d80fa2e4a6e695475"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MC1MujafCIKhor0u_m.Zxaddp4B8ErnC
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72326f4a2903bb41-FRA
x-amz-cf-id: zp3ZLNjkZKh3lVt5Ei5I9hf2Qa4wlwIbj2zc2jbCzt_EMu4hBAEs-w==
x-hs-target-asset: conversations-embed/static-1.10317/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-banner.com/ 59 KB
16 KB 155ms
130ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c7368ee2a3a9d820258824f544be9ef045516be05fde679c010d37d3f01188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 78YBXT9KG38N0ANX
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 3FAjWnHPbEjsdW6v1MaTH8DgPehQuCPD4TWXGentVP0dLVt097mzNcHvLyY5izpHU9/bVtd7LW8=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 15:32:37 GMT
server: cloudflare
etag: W/"2686aba0c00cd3000446c95135d91755"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: cA6W.MsHJZa.byIA4PTRHixoSYz7ANBk
access-control-allow-origin: https://fraud.net
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 72326f4a1c335c6e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 29 Jun 2022 23:32:46 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 71ms
32ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 53259
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js&cfRay=722d5b06df259b2d-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 72326f4a39346937-FRA
last-modified: Tue, 14 Jun 2022 09:22:35 UTC
server: cloudflare
etag: W/"4d9060d46ded886725fdadd2918d8827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: Ln2dBnu66WcBGVnZb6Z.xnR7vFzaf.57
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: GKzAdBzCqOpyC8RDYE_KnqWJ-Pa598RTJH7RMW7WwP2Q9WM3c8LQHw==
x-hs-target-asset: lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
25 KB 189ms
158ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=72326f4a2c159247-EWR
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 72326f4a2c159247-FRA
last-modified: Thu, 19 May 2022 12:56:36 UTC
server: cloudflare
etag: W/"9bdc82a581dc188ff306ce5ac3c3e170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: SdiIC3TRBl3EvRz8Pw-OmK0rml8lbvPq0xYTQ-8y2vBh5LVLnaBJsg==
x-hs-target-asset: collected-forms-embed-js/static-1.278/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1656545100000/ 62 KB
20 KB 179ms
149ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1656545100000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d89588588a8dfb2b6db5704f2ef856c5435ff2d32c4dda09cbf6a50eac0a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: B1ZH8W6K3D054F7A
x-amz-server-side-encryption: AES256
cf-ray: 72326f4a2ff39a3c-FRA
x-amz-id-2: km8CjbLCXQxNkAT4UdS0I7YGSI9Tmj1yxX8n/eaITWpmMQLHxpOXHqfemWYrZAFYjrDFXhjoeXg=
last-modified: Tue, 14 Jun 2022 15:04:46 GMT
server: cloudflare
etag: W/"9c3332b2d941df4bc7cd93aaf555e8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 29 Jun 2022 23:32:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 2 KB
2 KB 154ms
48ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1656545266233&cv=9&fst=1656545266233&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44f9763ddabfef2cb5faeb9fc9a33e8bfd81cd855c0d092f700fdd4e9f29406e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 66ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

553d87708fad8d5375f6d908703797187c0b248ec21bbce0f551bf688bf17931

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: REE/XtttcYKyhIuSIOkCtXGEyqCP21TaPGzrU9brxozezCSqeQ3diSCdNS9zh2kGd5M0pwnf20UTj6SrIK/jQw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 23:27:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656545266303
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 tp2 Show response
device.fraud.net/com.snowplowanalytics.snowplow/ 2 B
323 B 291ms
97ms XHR
text/plain 52.0.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: media.fraud.net
URL: https://media.fraud.net/shield/js/v1/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-155-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 29 Jun 2022 23:27:46 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0 325ms
97ms Preflight 52.0.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-155-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://fraud.net
access-control-max-age: 5
content-length: 0
date: Wed, 29 Jun 2022 23:27:46 GMT
server: nginx

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1898
date: Wed, 29 Jun 2022 22:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 00:56:08 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame B532 2 KB
1 KB 40ms
8ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2562820
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: njuQFwhm-VCwsbxJW5pbDuZkM0PI8L47EO9zU7hgfmYN57dI2cNwhw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 11ms
10ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=5493e6adca

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/177110/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c9c2-/rgfJz3Th002lxMTj1td3CR3JVw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 448 B
917 B 99ms
29ms Script
application/javascript 54.171.137.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?arrfrr=https%3A%2F%2Ffraud.net%2F&_s=b88ed4af507ecbd6f6685e4bcb2027e8&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.137.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b19d141626adeb00fb1083db2962ddf804c9c950c70efaa3caad2923825bef2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 448
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 3B9E 0
142 B 195ms
129ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.5.3/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 3B9E 27 KB
27 KB 7ms
7ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a8fec3c4a16262ecaa3bb9de610f13ba27c1ae1699af37faa43a6cd1ebcc52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 699033
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 27328
viewmaster-server: viewmaster-us-central1-5ckw
x-served-by: cache-dfw18666-DFW, cache-fra19182-FRA
x-timer: S1656545266.464693,VS0,VE1
etag: f8192317ef45f7d64358bbad45347dbc
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 3B9E 0
40 B 187ms
129ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=9825fa08f42a49fef10b7c658cc8c18a0e81c5bf1656545265
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.5.3/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 29 Jun 2022 23:27:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 213ms
195ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2113031&conversations-embed=static-1.10317&mobile=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&traceId=d45da74e5f9f478480857a10e0ef4e1e

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f89353ede1ede64b0e64cd1629dfdeaa1397ddc1cb611bc4ba80170465e0673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://fraud.net/

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dc809177-0175-4d50-91fa-450918a967ee
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1474
server: cloudflare
x-trace: 2B3144760FBA16F3696203B8CDDD4CF0A2264A8580000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crRwvuHsEC5nDoaIE%2BLQRsK0pDjJnCqZavRdXqDXGxlqg068CRefV60dBXXx8fh1W1PDeNubWVimZRIuC8oVTjnIv2RZcGZw4FtDXjOohfVyIprmyhGQOmawqiwH0Ub789O849OPv8kWsJio0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 72326f4dde6bbbc8-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 187ms
161ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://fraud.net
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72326f4cb976bb5b-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 29 Jun 2022 23:27:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOcz86gbBlDVagqDxPk5WowkTuomKuUmWUhGRp66YuwBCgbWoycAP1siVjT5UKgby%2FXBBU7VmCnnEElOiap6I%2FgevWd%2FM%2BTejjIsgSWlWq9tpsFpdvlXbG%2BkIBVR7RVRCgPRtS4rfxi3YxKWzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 0f70439e-9568-492d-aa51-3a8b4802086c
x-trace: 2BC241476DFEDD9B57E4A71281C806ED3A1F29F93A000000000000000000

GET
H2 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
expires: Wed, 06 Jul 2022 23:27:46 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
1022 B 129ms
47ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d82b41bdb1dd724c9b8e802e72405ef52aabd5557ac870db13ed0da796a719cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 610
x-xss-protection: 1; mode=block
expires: Wed, 29 Jun 2022 23:27:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 30ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1656545266704&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656545266703.1241064525&it=1656545266240&coo=false&exp=p0&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 29 Jun 2022 23:27:46 GMT

GET
H2 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
expires: Wed, 06 Jul 2022 23:27:46 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 3B9E 0
990 B 206ms
169ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=9825fa08f42a49fef10b7c658cc8c18a0e81c5bf1656545265

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:46 GMT
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
Vary: User-Agent
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200139-IAD, cache-fra19171-FRA
x-vimeo-device: d
Server: cloudflare
X-Timer: S1656545267.806085,VS0,VE133
x-frame-options: sameorigin
x-backend-proxy: webproxy3
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Wed, 29 Jun 2022 11:27:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-v1732-zkc5z
x-ua-compatible: IE=edge
Accept-Ranges: bytes
CF-RAY: 72326f4d6cee90a3-FRA
X-Cache-Hits: 0, 0

GET
H2 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 8ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
expires: Wed, 06 Jul 2022 23:27:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1855640018&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=1932954908&gjid=720723310&cid=486333096.1656545267&tid=UA-35675858-1&_gid=454939537.1656545267&_r=1&gtm=2wg6r0WVZ4N9X&z=1634059876

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
expires: Wed, 06 Jul 2022 23:27:46 GMT

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 95 KB
32 KB 39ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=5493e6adca
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdvzcXWeG7eagFXoz5rJ5QaIUDE0nG6Vh6DyBHV0gEyJaoZ_Ec7fwd2ikZzPf7-rtRrTIqcvyM2hGexPDPfBJiy-Va3KMj3F
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 06/23/2022 11:30:52
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE-832
last-modified: Thu, 23 Jun 2022 11:01:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0d51daede184576e937e1d8135d6e64d"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=KnNijw==, md5=DVHa7eGEV26Tfh2BNdbmTQ==
x-goog-generation: 1655982116491970
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 97067
cdn-requestid: c890801ee6311290015edbc2afedfca9
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4000327 Show response
www.clarity.ms/tag/uet/ 897 B
1 KB 167ms
103ms Script
application/x-javascript 2620:1ec:27::cafe:1995
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4000327
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4000327.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1995 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 710415c4758deaf0933c0e9a85ae6cd2dc9a4aa5c26460f31dcfa7636bba007a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
x-powered-by: ASP.NET
x-azure-ref: 08t+8YgAAAABcYQU3tEuIRKr7vzy2y3toUEFSMDJFREdFMDYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
content-length: 897
expires: -1

GET
H3 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
64 B 129ms
49ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1656545266233&cv=9&fst=1656543600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=3060234007&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998743206/ 42 B
548 B 127ms
46ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998743206/?random=1656545266233&cv=9&fst=1656543600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=3060234007&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=74547720206.88911&cookie=&adr...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

5 KB
3 KB

9ms
8ms

Script
text/javascript

2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b94bede2650cab53ab4993aa247e12944317add295da23ac72894a20ec0b448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: aEzA8ZiD3GBvTEFl97h.zOEnHFJ9yDtC
Content-Encoding: gzip
Etag: W/"8955661fd9b03bac87a8e2e4016e9727"
Age: 27
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Jun 2022 22:12:13 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uVGadIQm66hlV41L7gZQUDBuszjCDEn6d9Sd4FAotP6uo2wcVT2jlg==

Redirect headers

date: Wed, 29 Jun 2022 23:27:46 GMT
x-segment-display-name: FN Homepage
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *fraud.net/*
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
x-conversion-currency

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 108ms
108ms Image
image/gif 18.209.77.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1656545266837

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.77.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-77-242.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 23:27:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Jun 2022 23:27:46 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
191 KB 7ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
expires: Wed, 06 Jul 2022 23:27:46 GMT

POST
H2 200 load Show response
front.optimonk.com/public/177110/js/ 0
347 B 27ms
12ms XHR
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=5493e6adca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2001329/ 147 B
323 B 97ms
32ms XHR
application/json 34.253.52.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2001329/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e0f9a963b7d4b193cd64.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.52.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
707 B 386ms
376ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 19f9d9e2-1e30-488a-acd6-2e061226274f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTGl0FUKzXy%2BtcD3SgVqjh5FfvXjtxKWeQLMO8kBtCcvI7iigiorTS%2FSugiCLzJlEA3K8E3%2BDDA4rdRoBJ%2BZed2wPCUXOjpyixKRM0UGLxpD4IIdVajwIGa4M5exVDz%2BlNNCxp7SFRUrlHM%2FYE1L"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 72326f4deacfbb5b-FRA
access-control-allow-headers: *

GET
H2 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
265 KB 6ms
6ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
expires: Wed, 06 Jul 2022 23:27:46 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 135ms
37ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 23:19:08 GMT

GET
H2 200 fraud-dot-net-background-dots-bottom-sm.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 45 KB
45 KB 6ms
6ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:46 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 11:05:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg>; rel="canonical"
content-length: 45696
expires: Wed, 06 Jul 2022 23:27:46 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 243ms
153ms Fetch
application/json 34.117.177.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=74547720206.88911&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yoVolUfqBSclX3u60Xf0HGQgdADhxqhkFpd_6-CQtbn0OMdp5oz0HQ==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 9ms
8ms Script
application/javascript 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=74547720206.88911&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e43526628a115f55ff6651fd7e7d73d89c8026d42eda4c5b42576c7c68fb1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: JR5Vq.DMHfime0bERr5Hmy67RS3m7vPf
Content-Encoding: gzip
Etag: W/"9756544f4d5f7804fccddbebdbfb756f"
Age: 268
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Last-Modified: Mon, 27 Jun 2022 17:51:28 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:23:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ImPh5GZJ_cBw1Rr2movhA3XVcajzcddiPUUFuPFhnSkA2adat5TDww==

GET
H3 200 411617989444864 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 54ms
53ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411617989444864?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68884651e04059f54d0f39103185aac113e56724030e546d64b20972c5e8ada2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 6cc1Ejgr6wOEVnQfyT2BJuBDOW094W2C+pSP3hQzqVAncqqYz/oauHMWgV8BGDn3DMBemeU4ySoxQZHeP8cuJA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 23:27:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656545266969
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266&C=1

43 B
941 B

52ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72326f4f7c049b8f-FRA
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU9ntt8HqcdfLyqASjJMv4wSB7IW19FHzfq6wADsIxoZCWT2Rq1oxPPty6KdG1afY3Kt5wY06YooIwIMO%2BbW86bTl2KeikBAgmnX5bzZ0nwHIe2HMKmC0rV91UwADHa7L920w4pyt7QayQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtK1%2BBFK91pNR7wIHD4AosYCMRFf7dIff%2BnV6q1DbFAVvCL4Z6OYL4Jg5FbVevx6tXzY6hx31bnyJigGdecU2kbTYeCSarl0BJNhMgzgTHh0aYXM8RXxjcK4Y4y3fsu54cZ75%2BSqucY4cA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expiration=1688081266&C=1
cache-control: no-cache
cf-ray: 72326f4eeba25ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expires=365

0
239 B

129ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&expires=365
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

0
477 B

383ms
93ms

Image
text/plain

64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 64.202.112.95 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:47 GMT
Cache-Control: no-cache
X-TraceId: 1f93408751b0caaca88cc1a29d896910
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
493 B

66ms
16ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

0
90 B

66ms
22ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13762

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://eb2.3lift.com/xuid?mid=4714&xuid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&dongle=c85e

37 B
140 B

59ms
14ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&dongle=c85e
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&dongle=c85e
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
194 B

88ms
20ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://x.bidswitch.net/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

43 B
495 B

8ms
8ms

Image
image/gif

52.29.193.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 52.29.193.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
Date: Wed, 29 Jun 2022 23:27:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ib.adnxs.com/setuid?entity=172&code=OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

43 B
1 KB

12ms
12ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 23:27:47 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 819e8b18-ad81-480b-bcd3-24c0091abcf8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 23:27:47 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 63b101f5-6d5b-49ce-88a1-53d05c3f7d70
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 56ms
55ms Image
image/gif 54.171.137.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.137.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=984fa95a00482e8a7d18d40fccc5840e&gdpr=1&gdpr_consent=

43 B
275 B

66ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=984fa95a00482e8a7d18d40fccc5840e&gdpr=1&gdpr_consent=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=984fa95a00482e8a7d18d40fccc5840e&gdpr=1&gdpr_consent=
pragma: no-cache
date: Wed, 29 Jun 2022 23:27:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=ac89e0d5c2f423d5652320a049bd84a2-1656545266829&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mE-pWgBILop9GNQPzMWEDg
https://d.adroll.com/cm/g/in

42 B
537 B

28ms
27ms

Image
image/gif

54.171.137.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 54.171.137.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 336 KB
100 KB 24ms
8ms Script
application/javascript 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: VbMgk_gXghimoZRhj6QFui2WfE6aoopb
Content-Encoding: gzip
Etag: W/"86fbdc8ff56a043dffe520cd42b1e7b9"
Age: 81374
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Dec 2021 19:15:34 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 00:51:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JUsERTa2FWgl9eHRXUut4GOk0AMIdzSp6XmfTmFarekT6VUxLa52qQ==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 11ms
11ms Stylesheet
text/css 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Etag: W/"3b96be16936102d8935969d4c53c212f"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wi99WH12V87yoU69X0w0PYQKJUJS-W8sHN2DG0DGUrIM3ljNFg8tBw==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.34/ 53 KB
23 KB 104ms
99ms Script
application/javascript 2620:1ec:27::cafe:1995
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4000327
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1995 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:46 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 08t+8YgAAAADhXIAaTMHGRL5zYVSLo7ImUEFSMDJFREdFMDYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 B
775 B 606ms
604ms XHR
binary/octet-stream 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes
Via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Etag: "99914b932bd37a50b983c5e7c90ae93b"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: GZE0KO4Xxe5eun73g8YElK03cNBrhaR384HxPN8_psqeVswQHUfTpg==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 KB
2 KB 618ms
596ms XHR
binary/octet-stream 2600:9000:206f:2000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: gdsCJ91e36preZqcIA6RaB5svplwGuhr
Via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Etag: "04a72a37c10f648fb8263045b284cb6c"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 1697
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Wed, 29 Jun 2022 23:27:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8HG9ckibHQ0NylDWaJYAXRSkwBNC9XtDZ2qnO8AbA2AYHyehWOhA5A==

GET
H2 200 Group-2851@2x-uai-2064x645.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 500 KB
501 KB 8ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 29 Jun 2022 23:27:47 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:15 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical"
content-length: 512361
expires: Wed, 06 Jul 2022 23:27:47 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411617989444864&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1656545267041&cd[segment_eid]=6SMH2DHXINFNDD52UNEEKG&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=29&fbp=fb.1.1656545266703.1241064525&it=1656545266240&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 29 Jun 2022 23:27:47 GMT

GET
H2 200 d45da74e5f9f478480857a10e0ef4e1e Show response
app.hubspot.com/conversations-visitor/2113031/threads/utk/ Frame 738E 48 KB
18 KB 249ms
223ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9992345b0fc5a4952e6481b5093dd41db7f458aa8a68b7eeedf6a787fdd08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1402
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 72326f4f8f7c9a2a-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12778/html/index.html&cfRay=72326f4f8f7c9a2a&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2113031%2Fthreads%2Futk%2Fd45da74e5f9f478480857a10e0ef4e1e%3Fuuid%3D080349baf534431699f60add03dc3d95%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dfraud.net%26inApp53%3Dfalse%26messagesUtk%3Dd45da74e5f9f478480857a10e0ef4e1e%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Ffraud.net%2F&cfenv=prod&pdt=2022-06-29&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 23:27:47 GMT
etag: W/"bea0c92e58616b75a69232e52f05e169"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 28 Jun 2022 08:24:15 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=72326f4f8f7c9a2a&resource=conversations-visitor-ui/static-1.12778/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
x-amz-cf-id: SWRJSsrCcKBo7Ej6DTxZ-yHFmhjFBkY73ghfGjhPFfxdiCR6OKsfZQ==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 0IPfs9gMRFlG6MPGVsT74Dr08YWFvky_
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.12778/html/index.html
x-hs-worker-debug-mode: false

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 50CB 42 KB
22 KB 58ms
58ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=jtwe0yrlqc02

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45743628005c1325350b32432d73edef162a495e5e260b1f8e5e585e26ee81de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x7ICiREE2Ces_-kzEaAo-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22574
content-security-policy: script-src 'report-sample' 'nonce-x7ICiREE2Ces_-kzEaAo-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 23:27:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
545 B 151ms
126ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=2113031

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 9dfce6b4-acf9-4ed4-965f-01e0b32cc789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-robots-tag: none
last-modified: Wed, 29 Jun 2022 23:27:47 GMT
server: cloudflare
x-trace: 2B173B6653E2CE384B481F35003AE0297FCA80BDA3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 72326f50184d6931-FRA

POST
H2 204 collect Show response
b.clarity.ms/ 0
171 B 301ms
97ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 29 Jun 2022 23:27:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2A07 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://fraud.net
Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://fraud.net
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 23:27:47 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
472 B 146ms
130ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 27fad59f-c44a-4f58-8970-a159e532bedf
cf-ray: 72326f507ca2bbfb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BD116D02C1B8720BAFD411ACD84BD4CF4FA233D29000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 50CB 51 KB
24 KB 117ms
39ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=jtwe0yrlqc02

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 21:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 21:34:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 50CB 366 KB
145 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 23:19:08 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.213/ Frame 738E 44 KB
16 KB 42ms
16ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.213/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1307573
x-amz-server-side-encryption: AES256
cf-ray: 72326f512cb6923d-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 14:06:27 GMT
server: cloudflare
etag: W/"be8e05e1f26cd3b649ade425f7b669e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEefRX4EOKJUTFkekuwmOApyCy%2BuScMS%2FlpvM70y4zqLZHjKSfKqlWHm%2FGHoVdcw%2FjK2EwChRgHOfCIYbMO%2BfaWoJkhp9grq1R1UY2lUqQUGxKaAdcJm16XOyNxAkm8%2FnzQoF5Mx3UeFW0%2F2DBipmhjoJzQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: oRECgMYrXUZy0onk7voirehZ8Cymfuh0
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: TG-AhUWx8OJS63hB0d5zRf_-xnY-eZef8ZJN4x8xnZu6MSWYs9VQ7A==
expires: Thu, 29 Jun 2023 23:27:47 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 738E 20 KB
5 KB 60ms
20ms Stylesheet
text/css 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 cba87929a659f0e0a8a2cdc0b7cb22ae.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 577138
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjsEP5h1GOWSdAHmaQrmRToUSZBYhptBRjZxwtZYSdMgWrtTss3UaEAKZ5gd%2BJKFu5pVUBC4FMu0C3FRwGXuV8SjxZ9m%2B0%2BJH8vVvtogRqrWqcM3IlkT8EgvDcQsl6b57bXvbLT24YCtFRX8A8iuemnaFVE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: HEL51-P2
cf-ray: 72326f513e63904f-FRA
x-amz-cf-id: pUn2MIDrESb4MIntLPEl6MZiXWuBFxCOZQg2xX_pvNgIQ4-MB4VHow==
expires: Thu, 29 Jun 2023 23:27:47 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.286/ Frame 738E 290 KB
93 KB 42ms
16ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.286/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616f18c3b199d1dca9e4c25edcb5b7b5f7affe7a0794b838c32cf7c49874f20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 4bb1350a7e907cdd02f8977c1aa46622.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 185568
x-amz-server-side-encryption: AES256
cf-ray: 72326f512cb7923d-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Jun 2022 18:53:32 GMT
server: cloudflare
etag: W/"4cc6838bd9a6aa5ef1081182c81226b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZdhMxmAxCEPNPI15cRvEHQCCRQy2yI75lDgxfWBsLjG1QWPDU12iM%2FqCetuPw%2Fm85rDE8bnXfdTWS5d797wmA7rIzp6O1RRkGBXE9rzjEqob7SFA%2FwPC%2B6KT63CfYoO6KRrhEvGJNGtMizSt8oYys1KTdM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 69wCx0fBOggiTFGXS8J_ySZB06wpq0BB
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: CDG52-P2
content-type: application/javascript
x-amz-cf-id: 3zUQRWK0fZXhEWYI1sK0oc1K07QLSggD1z9-UX9Ii-5zLCCFz58XDQ==
expires: Thu, 29 Jun 2023 23:27:47 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12778/bundles/ Frame 738E 507 KB
148 KB 42ms
17ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12778/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c1ea25785699db7e923bf7f8c2fd663d6996993b32e80fc6fe237b51af5de7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 97408
x-amz-server-side-encryption: AES256
cf-ray: 72326f512cb8923d-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 19:28:03 GMT
server: cloudflare
etag: W/"089ce9241d564cdffc3deeee9d4f5608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUooA4wdKqO98ZCUjkKT3gaxwroZDYu9M1cVMtsKAAtq5xsxiDgl%2Ft6RebmLVwQJp1WOBYkfWE4lQ32q%2FrWXqxBPSU1LbzEIMYRnXE%2FP4Q7MN6AbprbWu%2FbBv8ws%2FiS8G0Ywwpa9IRZUiSzW4LICLSqXXEw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rMuKRy.zRvmQCQ6syKQtifq8ayoZ0MBh
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: u-udXxVzpLAA_NBCnO4MObniuq24qYfc6kld7IBZ9eZCAwAzXPptQA==
expires: Thu, 29 Jun 2023 23:27:47 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12542/ Frame 738E 776 B
1 KB 46ms
27ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12542/i18n-data-data-locales-en-us.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1149306
x-amz-server-side-encryption: AES256
cf-ray: 72326f51fbca9978-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 09:08:39 GMT
server: cloudflare
etag: W/"656b59b2f477f1ad6d02dcf138603986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4EN3CJ0xcEdAXRxSq6AD6F%2F0Rzc%2FkmQkkvK4mWxwZ81MelX9tVXPb3jRNjHblUqUXfSi4MZzLDSyfdpD06qSDMrDRTwLIawNvrZWUJSU8vp2dxON2XQEwGBYAbwa1Sphk3s%2FS4WoIZyOEkp2qUtfC%2FlTbM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fUHN74ynTDIdw0gGW.WlWNPVJIqAdzYS
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: 9cwf1zfyGRNCYEOAdJarmRfGqFWREOiO1gYnL9SAjuMh4lN1GHgqJg==
expires: Thu, 29 Jun 2023 23:27:47 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 290ms
290ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 29 Jun 2022 23:27:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 50CB 102 B
132 B 48ms
48ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=jtwe0yrlqc02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Wed, 29 Jun 2022 23:27:47 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 738E 49 KB
18 KB 28ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: QR2C8BRSZT3TYBTH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: gKFj1333cGV9X54HGb70dYVFWpwbbd3eQTjs1Z8ACXNKR/BkiggCOfbWN898/mEIRdyyn8eyCJ8=
x-served-by: cache-hhn4059-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1656545268.673787,VS0,VE0
date: Wed, 29 Jun 2022 23:27:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2304

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
514 B 124ms
123ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=f1145d48-eb8f-4dd8-ba4b-b56d84966047&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1656545267762&vi=df205a76bb9f3e32955117c03b9e52cc&nc=true&u=57037109.df205a76bb9f3e32955117c03b9e52cc.1656545267757.1656545267757.1656545267757.1&b=57037109.1.1656545267757&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dda46f9b-d438-40f1-a319-9a254e487d6d
cf-ray: 72326f538bfb9a2a-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B65pEJcdGauKRwC7Vmxsv7YCKkxxQNusEQu3wlYcElJS60J3iiVNis6ybfKXLrR3IWmQ6v4d8ZD1%2BPiq8wrS3bwO8C%2FEVCPMvN4%2BnJq2NuUIJ4Qxf2ySqrGZYtXDQoCzoLnz0jMZzQuHq7oKA2C4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
423 B 130ms
129ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1656545267764&vi=df205a76bb9f3e32955117c03b9e52cc&nc=true&u=57037109.df205a76bb9f3e32955117c03b9e52cc.1656545267757.1656545267757.1656545267757.1&b=57037109.1.1656545267757&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dfe5325e-6c81-4ea8-a30d-a02534c8d4d9
cf-ray: 72326f538bfa9a2a-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTzABPZL2T8zdbRS4efm8UBNa6qKLNHyoQ1Y04V3UQHmH4JXQ1gBjWoMZvLwASiQGt1ft0F0sxqTzzux5MhETOib%2Fa%2Fye6YwmSg1Jjbx2h2pWfCY5SO4vdj7jcAllcdaz3keaLhO7YHFItSFLmp1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&RedC=c.clarity.ms&MXFR=15472A33F6BA617102873BE1F2BA6F76
https://c.clarity.ms/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&MUID=315EE14BBF856B8F3204F099BEEE6A29

42 B
368 B

26ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&MUID=315EE14BBF856B8F3204F099BEEE6A29
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 23:27:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3878DCA78824DA7B1264226257B55CF Ref B: FRAEDGE1413 Ref C: 2022-06-29T23:27:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=D211D4FB448C418BBFDD83903C859B26&MUID=315EE14BBF856B8F3204F099BEEE6A29
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 165ms
165ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=df205a76bb9f3e32955117c03b9e52cc&__hstc=57037109.df205a76bb9f3e32955117c03b9e52cc.1656545267757.1656545267757.1656545267757.1&__hssc=57037109.1.1656545267757&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea118bb87c6dfe4d61d05bd1159aaa0397e88a93e5fa487e5bac5001dfccf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bf518407-8c44-4e49-84de-c2c12c7459f9
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8kZSge3oxweodgAqvhkGCDlx1oeXL5fBDcMqQ2OC5wQdhvLBfDrswYRLMOG1VRuysiZY%2FFxqTGc%2FI%2FZM6S9lVNVydtPGEvu22%2Fz78CU1qEfz%2BaleOguzPN%2BROKgRaAZDze3JmpgY2HPE9aXWGYc"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 72326f539c81bbc8-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 0019 7 KB
1 KB 51ms
51ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ef7afff6672c49b3dfa433d80de64c844be0c60d93b6af9b1768c24cf7d39a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pNw7N62JZUY-SXRGd6iYig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-pNw7N62JZUY-SXRGd6iYig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 23:27:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Fraud_net_final_logo_square_500x500.jpg
cdn2.hubspot.net/hub/2113031/hubfs/lead-flow-images/ Frame 738E 2 KB
3 KB 138ms
97ms Image
image/webp 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hub/2113031/hubfs/lead-flow-images/Fraud_net_final_logo_square_500x500.jpg?width=108&height=108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647027d64b0b4d0632aebd3bac36db0bb22f6cda29b493af4f091717157a93ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 29 Jun 2022 23:27:47 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 215226
cf-polished: qual=85, origFmt=jpeg, origSize=4151
edge-cache-tag: F-5547817478,FD-5547817466,P-2113031,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
content-disposition: inline; filename="Fraud_net_final_logo_square_500x500.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 2354
x-amz-server-side-encryption: AES256
last-modified: Fri, 10 Jun 2022 03:06:27 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "ab24a82a7e937bfb6f0721c883365861"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeTbCDyMbsbouzoRDOMPxm6FIhjSbBgDdWj%2FCdFL5r8KthRuCc1GqriWuxvfdW8Z%2BgynrvnqYNBAF3j18el2aptxEipQUQbWmmB8mIM59dc%2FIb1xkJFKmmc3v5pV8cunazdD7LW9DibWsrqvnR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 72326f5429249a30-FRA
x-amz-cf-id: hZjYpkMOEwbP7FGJjzxLgTLB-ca2NgJojb9ET7lXZB-IXDwe6EYIuQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame 738E 0
1 KB 156ms
139ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12778

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12778/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 23:27:47 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 836819e3-9a65-4c9b-8594-eb154e2bfe8a
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtE2Mnk3fY%2F0QVdRkITmm%2F7nT3A4GKu%2F2DLm7spH9sQ4u9Az7ipPrbXlaUhtLSpyZgU1JpUr40uUOBBvq%2B5PE6CGENFH4n3SRfcXpGI9kx6xGPVLzNILU2RWJcRG6GNqgWHETu0LrUQ%2FgaWxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 72326f540d159013-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/120571/ Frame 738E 549 B
1 KB 188ms
179ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/120571/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12778&conversations-visitor-ui=static-1.12778&traceId=d45da74e5f9f478480857a10e0ef4e1e&sessionId=AMOaWbLYmD8TnEkpw-J5itxJGcA5mV7FSjrHIgSosDc88Et4HMo3hhqfTPMClUMGt9FHec-JKa-RxXTQCoK0tOdTSd3-RCp-i9m9WTTymNvBGz1yCUxGSviYP5jWh2IgRa9TR2zS9bGCfQ0bKKixpikzAQ0u28gHXPz3_3LCuUnV4RcYBreBZCc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4fbe58ad267b229e18b5efac450d06c4d7386211899999c16b95e0bd75c286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b6dc01f5-cb21-4502-bd61-2bc478a6e364
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2BBC6B133D6874E5F21B9797A68F58BC9AAD1A2BF7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIhK556f24xDt2oenIMaHrprsk1dsiWl5cT7od8LTaAmsG7aevC6setq52u7PVimzcIa0PkqP%2FoDyHExHgvLXKpfoNdEur6YAupuX28Su2dalk0FFGrNNoAyky%2Bc1x%2FmJVw2WMbrw4ouSNnq2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 72326f540d139013-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0019 51 KB
24 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 21:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 21:34:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0019 366 KB
145 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 23:19:08 GMT

GET
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/1/ Frame 738E 49 B
1 KB 182ms
143ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=829&ck=1&ref=https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e&be=336&fe=556&dc=404&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1656545267093,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:16,%22ce%22:27,%22rq%22:27,%22rp%22:250,%22rpe%22:252,%22dl%22:257,%22di%22:404,%22ds%22:404,%22de%22:404,%22dc%22:555,%22l%22:556,%22le%22:556%7D,%22navigation%22:%7B%7D%7D&fp=767&fcp=767&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.53%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22deviceMemory%22:8,%22cpuCores%22:4,%22downloadSpeedMbps%22:9.8,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:2113031,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.12778%22,%22template%22:%22html/visitor-index.html.jade%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.7728%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 23:27:48 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rcwxpa8RJ%2F%2BT6vK%2FLMyhzvlWaOtdi9pPxwTLXtHSLYWxNcRA1f7ISRLp8MuRrGH1Cs3CUXPivumT%2FlpHwe8MRr8KLrP00cAutU351ba0JCe0TEq5b91Ri0QogIVgibXo8LAdgkVE"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 72326f54c9a09b5d-FRA

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 0019 39 KB
23 KB 93ms
93ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

665c821aeea335cd62853185ad825a4b04c82336675da0d55a85dbb99cf4e8c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 29 Jun 2022 23:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24026
x-xss-protection: 1; mode=block
expires: Wed, 29 Jun 2022 23:27:48 GMT

POST
H/1.1 204
No Content f9d051f404 Show response
bam-cell.nr-data.net/ins/1/ Frame 738E 0
772 B 126ms
126ms XHR
text/plain 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1017&ck=1&ref=https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 29 Jun 2022 23:27:48 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Allow-Origin: https://app.hubspot.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5kzxI7%2FNFTQ2SWGEv8srWPrG8EynZebMJXlqwu%2Bj%2BYWCyk9IYUsSeRzyoW5ZFm7SIR1xfPRrzYccmNWfjhN6q23ao9uzfeOn9Sq1TB6BUZ6ihMtNoaJECfny8f39visZ3wpQ7DI"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 72326f55bb0e9b5d-FRA

POST
H/1.1 200
OK f9d051f404 Show response
bam-cell.nr-data.net/events/1/ Frame 738E 24 B
833 B 164ms
136ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1021&ck=1&ref=https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e
Requested by: Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2113031/threads/utk/d45da74e5f9f478480857a10e0ef4e1e?uuid=080349baf534431699f60add03dc3d95&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=fraud.net&inApp53=false&messagesUtk=d45da74e5f9f478480857a10e0ef4e1e&url=https%3A%2F%2Ffraud.net%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 29 Jun 2022 23:27:48 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://app.hubspot.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2B0scBpheOG2VxwgO0BaZXut9GG7bOjRMASn3Ig0yG6D2W446%2BVqHMMa0EhUjn6kEPvlEfqERuZESsBZY0bRCRWHzxZwN9hzy4GOyvnHLycWoWBV0G9kVxT9RPEhpjNjZPw2N%2FOb"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 72326f55eff5bbc2-FRA
Content-Length: 24

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0019 600 B
624 B 39ms
38ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:44:59 GMT
x-content-type-options: nosniff
age: 52969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Jul 2022 08:44:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0019 530 B
554 B 40ms
39ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 05:44:53 GMT
x-content-type-options: nosniff
age: 63775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 06 Jul 2022 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 0019 665 B
689 B 41ms
40ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 16:37:52 GMT
x-content-type-options: nosniff
age: 110996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 05 Jul 2022 16:37:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0019 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 109267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0019 15 KB
15 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 180514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Jun 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0019 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 139151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 08:48:37 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 0019 24 KB
24 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq26y-HNIR8IocL8H0NPTdhBkhjaa_RNt1moVVyd5Qq35dfD96b14rDez2ywFL1sYiSA-P0pwyp3pqOxUdLVbn4JCzhU_2A_Veq_YZWjNsbczy_f2RW160fXH9g1BzhTECo82Qbx7A-gb4wERpnXhBspsZ5gb1oMzJTb_ijUHz3vrjkhT0NqSWwDTkQ_INAgTmi_UBfItgBKNfDe-uUHqSt8Edka_aQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

914db0118f1e311ebdb96176dfb3b0ffb21c5d57865ddccfc9f9cfb28c2d7144

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:27:48 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24906
x-xss-protection: 1; mode=block
expires: Wed, 29 Jun 2022 23:27:48 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 29 Jun 2022 23:27:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:28:17	Name: _GRECAPTCHA Value: 09AIxHhP8O3A5c_kVvRqf3EnBhPEFi8kbEFZGvjFsDTLy1N1mwl3A_SngmF1wLHF5SQ7akYp-BXg7WVlRIUOlvN9o
fraud.net/	1970-01-20 12:54:41	Name: uncode_privacy[consent_types] Value: %5B%5D
.vimeo.com/	1970-01-20 04:09:07	Name: __cf_bm Value: igF75zQWy7UesyDvXNkZ5NRF3c9mmRbd6tF9kBXVCvE-1656545265-0-AdvThP3bW5w5AX47unkUGsamPRmCyHSEtyjICfe2wv+jE0Kp6grVzoM8IN92GRlK1gTGCb04mGmQax2YiS2zY4M=
.fraud.net/	1970-01-20 06:18:41	Name: _gcl_au Value: 1.1.201187481.1656545266
.bing.com/	1970-01-20 13:30:41	Name: MUID Value: 315EE14BBF856B8F3204F099BEEE6A29
.fraud.net/	1970-01-20 04:10:31	Name: _uetsid Value: 14fbba40f80311ec8e55b3c61bfd16e6
.fraud.net/	1970-01-20 13:30:41	Name: _uetvid Value: 14fbe4e0f80311ec9dcc3df6b6180664
fraud.net/	1970-01-20 04:09:07	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-20 21:40:17	Name: _sp_id.c750 Value: a5d91586-07bf-48c2-94fd-e4ecfe430e68.1656545266.1.1656545266.1656545266.0505f655-a8bc-4b70-b2c4-8b4710e10478
.ws.zoominfo.com/	1970-01-20 12:54:41	Name: visitorId Value: 911265a48918402073d04711644acc51fedc986aad865cf24e85bdf2bce9bcd0
.linkedin.com/	1970-01-20 04:52:17	Name: UserMatchHistory Value: AQLQ865ANwoFEwAAAYGxysqkOvN4jJZd1QqU6q3fPCm0Ru8UHzP7E-uaKqSUe3OHJs9hdo4Guw1Qyg
.linkedin.com/	1970-01-20 04:52:17	Name: AnalyticsSyncHistory Value: AQIxOMFRC6lL0wAAAYGxysqk5MMulfn1PWK6khMRVEaqDOzTYfbidpbKLVIgY5R6MaKOn7JAuYm76gH2YCB_nw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:40:59	Name: bcookie Value: "v=2&2d275bdf-8783-4b25-852f-c8c8d3ada0fd"
.linkedin.com/	1970-01-20 04:10:31	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2816:u=1:x=1:i=1656545266:t=1656631666:v=2:sig=AQG31-Wi9UWYv6F9jT531ok6B8TQ-V6C"
.fraud.net/	1970-01-20 06:18:41	Name: _fbp Value: fb.1.1656545266703.1241064525
.vimeo.com/	1970-01-20 21:40:17	Name: vuid Value: pl1699878788.1270333954
.fraud.net/	1970-01-20 21:40:17	Name: _ga Value: GA1.2.486333096.1656545267
.fraud.net/	1970-01-20 04:10:31	Name: _gid Value: GA1.2.454939537.1656545267
.fraud.net/	1970-01-20 04:09:05	Name: _gat_UA-35675858-1 Value: 1
fraud.net/	1970-01-20 12:54:41	Name: optiMonkClientId Value: c8570269-3f49-7290-61fa-e12d799b2a7a
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:40:59	Name: bscookie Value: "v=1&20220629232746c4de7a85-a7a2-4114-81d5-58beb8f5e357AQGTAiF8VXIX7k5_UpIDIi6bUbSPF_8K"
.linkedin.com/	1970-01-20 21:38:31	Name: li_gc Value: MTswOzE2NTY1NDUyNjY7MjswMjE17Zodx3SWtnEBrdKZW2u7nAlXT7p6l1WeBbImiQ7kFg==
.fraud.net/	1970-01-20 12:55:02	Name: __adroll_fpc Value: ac89e0d5c2f423d5652320a049bd84a2-1656545266829
fraud.net/	1970-01-20 04:09:08	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 04:10:31	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 04:53:43	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-20 12:54:41	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-20 12:54:41	Name: _gauges_unique Value: 1
.fraud.net/	1970-01-20 12:54:41	Name: _hjSessionUser_2001329 Value: eyJpZCI6Ijg3NTE3YWFiLWUwYTctNTgyYy05N2NhLWQzY2RmODUyNDhhOCIsImNyZWF0ZWQiOjE2NTY1NDUyNjYzNTMsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-20 04:09:07	Name: _hjFirstSeen Value: 1
fraud.net/	1970-01-20 04:09:05	Name: _hjIncludedInSessionSample Value: 1
.fraud.net/	1970-01-20 04:09:07	Name: _hjSession_2001329 Value: eyJpZCI6IjBkYzc1NzMyLTVhOGUtNDU1My05NGY0LWE4Y2I2YzUwYWFhNiIsImNyZWF0ZWQiOjE2NTY1NDUyNjY4NDcsImluU2FtcGxlIjp0cnVlfQ==
fraud.net/	1970-01-20 04:09:05	Name: _hjIncludedInPageviewSample Value: 1
.fraud.net/	1970-01-20 04:09:07	Name: _hjAbsoluteSessionInProgress Value: 0
.fraud.net/	1970-01-20 12:54:41	Name: sp Value: ceeeffbf-b5cc-4208-bbbe-f11dd6639026
.fraud.net/	1970-01-20 12:54:41	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20220629%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20220629%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20220629%3A1
www.clarity.ms/	1970-01-20 12:54:41	Name: CLID Value: c2366db792514d34b54a278d934b8993.20220629.20230629
.adnxs.com/	1970-01-20 06:18:41	Name: uuid2 Value: 414794018396825012
.pubmatic.com/	1970-01-20 06:18:41	Name: KRTBCOOKIE_10 Value: 22808-OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU&KRTB&22883-OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
.pubmatic.com/	1970-01-20 04:52:17	Name: PugT Value: 1656545265
.bidswitch.net/	1970-01-20 12:54:41	Name: tuuid Value: bf932fa2-d1c1-411a-834e-583f2bb5340c
.bidswitch.net/	1970-01-20 12:54:41	Name: c Value: 1656545267
.bidswitch.net/	1970-01-20 12:54:41	Name: tuuid_lu Value: 1656545267
.adnxs.com/	1970-01-20 06:18:41	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2In>x3P9@!]tbPl@/@8$-^=$UfZF:ao=?z]2XM=GYu[EXW`X+[*GQo=#(^2:cjvM?k<GsCc?i4RR`b0czy_lZr<qN#BI7y)N[UD!!$:W-?to?
.casalemedia.com/	1970-01-20 12:54:41	Name: CMID Value: Yrzf8.9A6MTzY-4ShufRWgAA
.casalemedia.com/	1970-01-20 06:18:41	Name: CMPS Value: 1220
.casalemedia.com/	1970-01-20 06:18:41	Name: CMPRO Value: 1220
.fraud.net/	1970-01-20 12:54:41	Name: _clck Value: le0z6z\|1\|f2q\|0
.doubleclick.net/	1970-01-20 13:30:41	Name: IDE Value: AHWqTUkKq7x0bnCoQAqCoa32SXiB5yfK6_qSphy-E8EUBqKIfUMOSiwv4ZBrLr7aV0I
.casalemedia.com/	1970-01-20 06:18:41	Name: CMTS Value: 3328
d.adroll.com/	1970-01-20 13:37:53	Name: __adroll Value: 984fa95a00482e8a7d18d40fccc5840e-g_1656545267-a_1656545266
.adroll.com/	1970-01-20 13:37:53	Name: __adroll_shared Value: 984fa95a00482e8a7d18d40fccc5840e-g_1656545267-a_1656545266
.outbrain.com/	1970-01-20 06:18:41	Name: obuid Value: 577595f5-399c-41a8-bef7-e39bac299373
.outbrain.com/	1970-01-20 04:29:14	Name: adrl Value: OTg0ZmE5NWEwMDQ4MmU4YTdkMThkNDBmY2NjNTg0MGU
.hubspot.com/	1970-01-20 04:09:07	Name: __cf_bm Value: Ug4BImQOHLu.hJEbz27LiMEmLhg4G2Hxj9Uoy9JGilU-1656545267-0-ARYAwRMbO9v+nq8pnv67P05SnEb41DlabjYhFXWAG7AZO+T0ZI/5t9thFStw7xo/q0EwyDk9R6RMSIOXV1Bfx/Q=
.fraud.net/	1970-01-20 04:10:31	Name: _clsk Value: gxqlfm\|1656545267529\|1\|1\|b.clarity.ms/collect
.fraud.net/	1970-01-20 08:28:17	Name: __hstc Value: 57037109.df205a76bb9f3e32955117c03b9e52cc.1656545267757.1656545267757.1656545267757.1
.fraud.net/	1970-01-20 08:28:17	Name: hubspotutk Value: df205a76bb9f3e32955117c03b9e52cc
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 04:09:07	Name: __hssc Value: 57037109.1.1656545267757
.fraud.net/	1970-01-20 08:28:17	Name: messagesUtk Value: d45da74e5f9f478480857a10e0ef4e1e
.c.bing.com/	1970-01-20 13:30:41	Name: SRM_B Value: 315EE14BBF856B8F3204F099BEEE6A29
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:30:41	Name: MUID Value: 315EE14BBF856B8F3204F099BEEE6A29
.c.clarity.ms/	1970-01-20 04:09:05	Name: ANONCHK Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 131c4364e09e77cf

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 348) Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149360532.v2.pressablecdn.com
ads.yahoo.com
api.hubspot.com
app.hubspot.com
b.clarity.ms
bam-cell.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn2.hubspot.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
f.vimeocdn.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
fraud.net
fresnel.vimeocdn.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
i.vimeocdn.com
ib.adnxs.com
image2.pubmatic.com
in.hotjar.com
jfapiprod.optimonk.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
media.fraud.net
perf.hsforms.com
pixel.rubiconproject.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.hotjar.com
secure.gaug.es
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
sync.outbrain.com
sync.taboola.com
track.hubspot.com
us-u.openx.net
vars.hotjar.com
vimeo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
104.18.19.126
13.107.42.14
13.248.245.213
138.199.37.226
141.226.228.48
142.250.185.130
142.250.186.98
143.204.215.118
143.204.215.52
151.101.14.109
151.101.2.137
162.159.138.60
162.247.243.146
167.99.251.246
18.209.77.242
185.64.189.110
192.0.77.39
199.16.173.27
20.234.93.27
20.75.32.255
2600:9000:206f:2000:6:9280:1080:93a1
2606:4700:4400::6812:21ab
2606:4700::6810:5705
2606:4700::6810:5805
2606:4700::6810:a852
2606:4700::6811:43b0
2606:4700::6811:5d2
2606:4700::6811:82ab
2606:4700::6811:ba49
2606:4700::6811:d6cc
2606:4700::6811:e9cc
2606:4700::6811:ebcc
2606:4700::6811:f2cc
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:27::cafe:1995
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2008
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2003
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.117.177.207
34.120.202.204
34.253.52.76
34.98.64.218
37.252.172.45
52.0.155.81
52.29.193.101
54.171.137.8
64.202.112.95
65.9.66.34
69.173.144.138
99.86.4.22
000a033dd889ce94c5ddda49b87ed3a9e78c19b941123c45f3cdf5c0e426ace3
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
0131bc8a05decd2012a41a0e2aee3bff340f1b311f132169463333021b024dc2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05fc441485c38ec9788e204f015f8cafb4725fe282ba52f0d61a27cc9fe8d1a0
0743c423757d690a2b2e8ccdf9891c0662b01ff5d236f4e660d6bb19921468e0
07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f
098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08
0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c
0b94bede2650cab53ab4993aa247e12944317add295da23ac72894a20ec0b448
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e43526628a115f55ff6651fd7e7d73d89c8026d42eda4c5b42576c7c68fb1c2
0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30
1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399
143e0208290495ac2cef8003d9ee91f29b35dd1258d5b048d7d592a8b58da19c
14985928b15bd12c655b3c4e2aa400bec14add042eef99423cf5f1b37631d54c
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
162c738f4948e084faa0f32b9cab7d53cb3101173efe745beaa086767ea2c7bf
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ea118bb87c6dfe4d61d05bd1159aaa0397e88a93e5fa487e5bac5001dfccf61
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c
27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d
2ab9eb77d4d236457b8be2564c0d99f3684dab8aa44cd3113a86de6dbea3ddea
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005
32f178050abd02f1449cc5b27e86a5017437fe5e67c7c689327dd0272316c210
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
36d917fd43e64fdc614835cab757b6d79cd69209a68b451321cfa435b8860386
3c1ea25785699db7e923bf7f8c2fd663d6996993b32e80fc6fe237b51af5de7a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3e93e7a98a1795f470f9346f7381b72965ff2c593a746718e440371aaae85fa6
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824
3ef7afff6672c49b3dfa433d80de64c844be0c60d93b6af9b1768c24cf7d39a7
3effa5429ad880eda7a2f410aabc03355ab50bda56390019c0e4577f1b5a00da
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2
44d949ed99fb4895254e9b655291be8096ea66b282d5ab549062b908892f149a
44f9763ddabfef2cb5faeb9fc9a33e8bfd81cd855c0d092f700fdd4e9f29406e
45743628005c1325350b32432d73edef162a495e5e260b1f8e5e585e26ee81de
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
46aedab68dfd1dbd62d158f44e0f4867424040521ace073d2cac8751e2a4a50c
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4
49a3c422d58f6290447bce90a917d620f73930bb2948b8eefe6f35b297b5ba23
49f4b8f74f0057a33c9c7a9e0333477a9b8588104b6c6b3ae2da4f33a4664ab1
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e41610204ac609bd419f80a40413771b11df011863735a9bdd84f5d51c7c095
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
52779a67150f625eba1a786dafffae9ddcbdbb0f3271bf5ee9332245988cd7ae
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553d87708fad8d5375f6d908703797187c0b248ec21bbce0f551bf688bf17931
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8fec3c4a16262ecaa3bb9de610f13ba27c1ae1699af37faa43a6cd1ebcc52d
5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b
5e3b1f3ac65a8112fa728b8874454d4876cf4d5787e08175abe9e6af80ef8322
616f18c3b199d1dca9e4c25edcb5b7b5f7affe7a0794b838c32cf7c49874f20c
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
62d89588588a8dfb2b6db5704f2ef856c5435ff2d32c4dda09cbf6a50eac0a5e
647027d64b0b4d0632aebd3bac36db0bb22f6cda29b493af4f091717157a93ca
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
65502342e7cf974e77cf11306ba0c9286a871cee025ff1f39f22de317be5e838
665c821aeea335cd62853185ad825a4b04c82336675da0d55a85dbb99cf4e8c6
67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e
68884651e04059f54d0f39103185aac113e56724030e546d64b20972c5e8ada2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
708eda67c33efe4faab84ee6f81f69d28c38d7584c8716b2dc16a049d133c7bf
70e1167580f8ff73e8b5b68d837e09a675216ab29f0bc81931b1ca8c8b0a9a58
710415c4758deaf0933c0e9a85ae6cd2dc9a4aa5c26460f31dcfa7636bba007a
71e71947e14e056db8dfe955894ca7ae88b0dbe55dad48c6b9270de946b2ecb8
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
747de6a4fcd656b37cbcee5a4297bf474c3c2a37c0dde1a84aa03baa495e7bef
7691709e6ed9c18787e38b8318d15eff9b1455f412f86ca90b27d6ac338dfcc7
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
79c9df4ce4d6688a62253d0c2c7f32ecb27ea683f7e593b265371f4375ab4bdf
7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8
7bd989795dc3899a9234869ec0bf8c7dee665a332ae8fc6f7cd34eb4df229048
7c6cd85ee4d226f9ccf8d165ec9d44bbed7b3872a007c95567639345f0d511dc
7e94860a4b96ad96ec36a7e5b9df06576a2145e14ff24a9ca3db254ad1456437
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b
8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8c43db75ba0b832516a5698991210808c1d06e45bb6b95d88b9ba336f3413766
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
914db0118f1e311ebdb96176dfb3b0ffb21c5d57865ddccfc9f9cfb28c2d7144
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9f89353ede1ede64b0e64cd1629dfdeaa1397ddc1cb611bc4ba80170465e0673
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
af4fbe58ad267b229e18b5efac450d06c4d7386211899999c16b95e0bd75c286
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19d141626adeb00fb1083db2962ddf804c9c950c70efaa3caad2923825bef2e
b33deed37e74f16cf17b9164d63a89f7966b78e3ed76b2fdcf0248eb60f0b858
b3ae1db95ac322cbd656af3757878b35c4878e778fcf53a2cdade17fbadc21aa
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9992345b0fc5a4952e6481b5093dd41db7f458aa8a68b7eeedf6a787fdd08d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c6c7368ee2a3a9d820258824f544be9ef045516be05fde679c010d37d3f01188
c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca39ac222b96ad03fed23dadf5a970f06e0fa546566e8fb22c32c1e1dd555f47
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ca8f4dbd438e1cd09c1cc3566b135ec77fc1a553c180057e5e71b832c50cb036
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d82b41bdb1dd724c9b8e802e72405ef52aabd5557ac870db13ed0da796a719cc
d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434
dd1265f45f58690e651a2795df3748cdcf49c21209e002296456f4799491ae6d
dddd61772cbcff08a8335f20961a7e4023d21e7cdd38c587b838d4f7c7881379
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
dfa7e58767024c50ef0fa632e01eba77015cbd603b0692ab483e8270c37b7745
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e18926f5fdce4307ef7ec3bdc65329c50ba9231ddb8b1a4da8c8d83f7ae3e975
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e2a15aea407608171d7de61ae39a04e98e57280800688cc05b54c82006d8cdb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
eccd7c6d1e93a69b1ca4b50bb48e3359b2aa029b4ca854bd308fad32174c0af1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fec978c0a4d98ce499aec165c8b4f638938b75782fc62d7ae3edd6a53f208a1f
fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

fraud.net Open in urlscan Pro 199.16.173.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

207 Requests

92 %HTTPS

47 %IPv6

45 Domains

67 Subdomains

59 IPs

6 Countries

5561 kBTransfer

12171 kBSize

68 Cookies

4 Outgoing links

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

92 %
HTTPS

47 %
IPv6

45
Domains

67
Subdomains

59
IPs

6
Countries

5561 kB
Transfer

12171 kB
Size

68
Cookies

207 HTTP transactions
4 data transactions