fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE0MjUzNzA1MDMyOTE3fQ
Effective URL:
https://fraud.net/
Submission: On August 17 via api (August 17th 2022, 4:02:51 am UTC) from SG — Scanned from DE

Summary HTTP 200 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 44 domains to perform 200 HTTP transactions. The main IP is 199.16.173.27, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 130792.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:9421	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 25	199.16.173.27 199.16.173.27	2635 (AUTOMATTIC) (AUTOMATTIC)
57	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
2 13	2600:9000:225... 2600:9000:225e:e200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.78 18.66.112.78	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	199.232.18.109 199.232.18.109	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	134.122.57.141 134.122.57.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	52.22.228.39 52.22.228.39	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.0.155.81 52.0.155.81	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.168.171.75 35.168.171.75	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12 15	3.221.212.10 3.221.212.10	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:1644	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	34.255.240.59 34.255.240.59	16509 (AMAZON-02) (AMAZON-02)
3	143.244.60.109 143.244.60.109	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.117.177.207 34.117.177.207	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
200	56

1 2606:4700:4400::ac40:9421 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fraudnet.tellwise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 199.16.173.27 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:225e:e200:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-78.fra56.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.18.109 (Vienna, Austria)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.141 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

app.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.228.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-228-39.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.155.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-155-81.compute-1.amazonaws.com

device.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.171.75 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-171-75.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.221.212.10 (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-212-10.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1644 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.240.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.244.60.109 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-143-244-60-109.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-asset.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-renderer.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	pressablecdn.com 149360532.v2.pressablecdn.com	3 MB
28	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 2181 d.adroll.com — Cisco Umbrella Rank: 1521	143 KB
28	fraud.net 1 redirects fraud.net — Cisco Umbrella Rank: 130792 media.fraud.net — Cisco Umbrella Rank: 149589 device.fraud.net — Cisco Umbrella Rank: 294035	190 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	832 KB
12	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 20982 gs-cdn.optimonk.com — Cisco Umbrella Rank: 26013 cdn-asset.optimonk.com — Cisco Umbrella Rank: 47857 cdn-renderer.optimonk.com — Cisco Umbrella Rank: 127742 jfapiprod.optimonk.com — Cisco Umbrella Rank: 23825	122 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 h.clarity.ms — Cisco Umbrella Rank: 5385 c.clarity.ms — Cisco Umbrella Rank: 996	26 KB
7	google.com www.google.com — Cisco Umbrella Rank: 10	74 KB
7	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2896 f.vimeocdn.com — Cisco Umbrella Rank: 3063 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2911	257 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4139 perf.hsforms.com — Cisco Umbrella Rank: 9440	3 KB
4	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 2845 track.hubspot.com — Cisco Umbrella Rank: 2017	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 491 px4.ads.linkedin.com — Cisco Umbrella Rank: 5619	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803 in.hotjar.com — Cisco Umbrella Rank: 1526	69 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	402 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	195 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	64 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1722 vimeo.com — Cisco Umbrella Rank: 1598	17 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	2 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 28656	4 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	273 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	124 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 411	140 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 933	90 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 869	494 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 686	308 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 326	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 5596	548 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 495	227 B
1	clickagy.com 1 redirects aorta.clickagy.com — Cisco Umbrella Rank: 1604	524 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3989	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1934	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1927	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4461	25 KB
1	convolo.ai app.convolo.ai	226 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5017	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2160	1003 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 734	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	16 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6388	147 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	72 KB
1	tellwise.com 1 redirects fraudnet.tellwise.com	629 B
200	44

	Domain	Requested by
57	149360532.v2.pressablecdn.com	fraud.net
25	fraud.net	1 redirects fraud.net 149360532.v2.pressablecdn.com
15	d.adroll.com	12 redirects s.adroll.com fraud.net
13	s.adroll.com	2 redirects www.googletagmanager.com fraud.net s.adroll.com d.adroll.com
8	www.gstatic.com	www.google.com www.gstatic.com
8	front.optimonk.com	fraud.net front.optimonk.com
7	www.google.com	js.hsforms.net fraud.net www.gstatic.com www.google.com
7	fonts.gstatic.com	fraud.net
4	forms.hsforms.com	js.hsforms.net fraud.net
3	h.clarity.ms	www.clarity.ms
3	www.facebook.com	fraud.net
3	f.vimeocdn.com	player.vimeo.com
3	connect.facebook.net	fraud.net connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	ib.adnxs.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	device.fraud.net	media.fraud.net
2	px.ads.linkedin.com	2 redirects
2	secure.gaug.es	fraud.net
2	i.vimeocdn.com	player.vimeo.com
2	player.vimeo.com	fraud.net
1	c.bing.com	1 redirects
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	cdn-renderer.optimonk.com	front.optimonk.com
1	cdn-asset.optimonk.com	front.optimonk.com
1	cm.g.doubleclick.net	1 redirects
1	us-u.openx.net	fraud.net
1	ups.analytics.yahoo.com	fraud.net
1	eb2.3lift.com	fraud.net
1	sync.taboola.com	fraud.net
1	image2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	perf.hsforms.com	fraud.net
1	gs-cdn.optimonk.com	front.optimonk.com
1	in.hotjar.com	script.hotjar.com
1	www.google.de	fraud.net
1	vars.hotjar.com	static.hotjar.com
1	stags.bluekai.com	fraud.net
1	aorta.clickagy.com	1 redirects
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	vimeo.com	f.vimeocdn.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	fraud.net
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	app.convolo.ai	fraud.net
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	fraud.net
1	www.googletagmanager.com	fraud.net
1	fraudnet.tellwise.com	1 redirects
200	66

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com
landing.optimonk.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.fraud.net Amazon	`2021-10-11` - `2022-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-26` - `2022-08-24`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
icallback.leadcm.com R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2022-02-18` - `2023-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-03-18` - `2023-03-17`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-08-04` - `2022-11-02`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
gs-cdn.optimonk.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
cdn-asset.optimonk.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
cdn-renderer.optimonk.com R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://fraud.net/
Frame ID: 207AC8F0F22D58C4DF72A590188BDCEB
Requests: 175 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: 2A2F2237A9006AE9BA62C50E1E920B6D
Requests: 9 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 5EED4CBBB6FBE1A03BA221A99E836692
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=nfzp87z2vdeq
Frame ID: B8EF49FD4DE2E7D53FACCE89D66C7E72
Requests: 4 HTTP requests in this frame

Frame: https://cdn-renderer.optimonk.com/ssr/177110/62f2b0b960ab400023076b7b.html?v=1660245683
Frame ID: A492899605A49E0ADDADB29ACAFEE73B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 96AD4C7CBEEA122444FC240619979191
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 196955ABD7FB2F41101CD59AF16EF36D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fraud.net | AI Fraud Detection and Prevention for Enterprises

Page URL History Show full URLs

https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE... HTTP 302
http://fraud.net/ HTTP 301
https://fraud.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

200
Requests

92 %
HTTPS

41 %
IPv6

44
Domains

66
Subdomains

56
IPs

7
Countries

5341 kB
Transfer

11463 kB
Size

70
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

URL: https://landing.optimonk.com/powered-by-optimonk/?utm_source=link&utm_medium=optimonk_popup&utm_campaign=177110&domain=fraud.net
Title: Made with ♥️ by OptiMonk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE0MjUzNzA1MDMyOTE3fQ HTTP 302
http://fraud.net/ HTTP 301
https://fraud.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1660708960923%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIT3Ad32OXoXwAAAYKp970vGvbi2Yi-PjrzSNHGG36PVdpaQyZu_BB8x0aDZJUJprZtf_6LLzF2

Request Chain 105

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 106

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 120

https://aorta.clickagy.com/pixel.gif?ch=278&cm=1b87f4263451535d0b245f25812af4453c5d66d42f5735ca5d8fdb84f9225bf6 HTTP 302
https://stags.bluekai.com/site/51557?id=c:d54587c0c39889b37442c588d37a454f&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

Request Chain 136

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=17177436987.624462&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 150

https://d.adroll.com/cm/index/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961&C=1

Request Chain 151

https://d.adroll.com/cm/n/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expires=365

Request Chain 152

https://d.adroll.com/cm/outbrain/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

Request Chain 153

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 154

https://d.adroll.com/cm/taboola/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

Request Chain 155

https://d.adroll.com/cm/triplelift/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&dongle=c85e

Request Chain 156

https://d.adroll.com/cm/r/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 157

https://d.adroll.com/cm/b/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

Request Chain 158

https://d.adroll.com/cm/x/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

Request Chain 160

https://d.adroll.com/cm/o/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=826bb7fe9250c6befcda11c03cbae8f0&gdpr=1&gdpr_consent=

Request Chain 161

https://d.adroll.com/cm/g/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=gmu3_pJQxr782hHAPLro8A HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 200

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&RedC=c.clarity.ms&MXFR=2457AE193B766B97306BBC1A3F7665FB HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&MUID=151F3D787F726C6018E52F7B7E196D4F

200 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fraud.net/
Redirect Chain

https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE0MjUzNzA1MDMyOTE3fQ
http://fraud.net/
https://fraud.net/

155 KB
25 KB

1351ms
1307ms

Document
text/html

199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d204f93733c912ed547bb2cb358c3eb14cdb8431717c100cfc272d141e889f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Aug 2022 04:02:39 GMT
host-header: Pressable
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.hhn _atomic_ams
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 17 Aug 2022 04:02:38 GMT
Location: https://fraud.net/
Server: nginx
X-ac: 1.hhn _atomic_ams

GET
H2 200 1652993086-cssff82264811ee29f5a4261ccae8ec30b852a82d9850cd07102d9d31abadbf4.css
fraud.net/wp-content/cache/fvm/min/ 87 KB
12 KB 129ms
125ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-cssff82264811ee29f5a4261ccae8ec30b852a82d9850cd07102d9d31abadbf4.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba7b82d9d16ac950df1afaa1e10d1abcc431ec28da55a60c4fce1ff179cd1f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Jul 2022 18:49:54 GMT
server: nginx
etag: W/"62cdc252-15b7b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css
fraud.net/wp-content/cache/fvm/min/ 5 KB
660 B 126ms
123ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

708eda67c33efe4faab84ee6f81f69d28c38d7584c8716b2dc16a049d133c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-142d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css0cea05994268f5cf3a543462546f87bf1b2782e59a31f13d18645885a0da1.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1 KB 125ms
122ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css0cea05994268f5cf3a543462546f87bf1b2782e59a31f13d18645885a0da1.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

924573d57883f97e7634866b0c9156c27f5a4a6bf46c06031939ff0cac612e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Jul 2022 18:49:54 GMT
server: nginx
etag: W/"62cdc252-1d02"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-cssd59be971c65a1a7689ac18d7faecdf8b5e4d49904b72ee94abf2dc8bdd075.css
fraud.net/wp-content/cache/fvm/min/ 7 KB
1 KB 127ms
124ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-cssd59be971c65a1a7689ac18d7faecdf8b5e4d49904b72ee94abf2dc8bdd075.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9ff962fdd1bce968cb80b0fbc490d734c8183b952c03db1f6a3639a4a55d7c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Jul 2022 18:49:55 GMT
server: nginx
etag: W/"62cdc253-1c98"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
3 KB 126ms
124ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

70e1167580f8ff73e8b5b68d837e09a675216ab29f0bc81931b1ca8c8b0a9a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-414f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css
fraud.net/wp-content/cache/fvm/min/ 4 KB
945 B 125ms
122ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3effa5429ad880eda7a2f410aabc03355ab50bda56390019c0e4577f1b5a00da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:16 GMT
server: nginx
etag: W/"6286ac98-113c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css
fraud.net/wp-content/cache/fvm/min/ 492 KB
70 KB 149ms
146ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

44d949ed99fb4895254e9b655291be8096ea66b282d5ab549062b908892f149a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:18 GMT
server: nginx
etag: W/"6286ac9a-7aeba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css
fraud.net/wp-content/cache/fvm/min/ 60 KB
12 KB 143ms
141ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:18 GMT
server: nginx
etag: W/"6286ac9a-f0cf"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css
fraud.net/wp-content/cache/fvm/min/ 246 KB
24 KB 245ms
243ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e2a15aea407608171d7de61ae39a04e98e57280800688cc05b54c82006d8cdb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:19 GMT
server: nginx
etag: W/"6286ac9b-3d991"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 1652993086-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css
fraud.net/wp-content/cache/fvm/min/ 16 KB
5 KB 129ms
127ms Stylesheet
text/css 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/cache/fvm/min/1652993086-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fec978c0a4d98ce499aec165c8b4f638938b75782fc62d7ae3edd6a53f208a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 19 May 2022 20:46:19 GMT
server: nginx
etag: W/"6286ac9b-4102"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 87 KB
31 KB 68ms
21ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:39 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 11 KB
4 KB 68ms
21ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:39 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
1 KB 159ms
157ms Script
application/javascript 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
etag: W/"62417c0f-e27"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 17 Aug 2022 04:02:39 GMT
x-ac: 1.hhn _atomic_ams
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 114 KB
25 KB 68ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4e41610204ac609bd419f80a40413771b11df011863735a9bdd84f5d51c7c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:39 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
expires: Wed, 24 Aug 2022 04:02:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
72 KB 95ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

627518f1392c7e6896ea558f65692a231ba2514bc582906979bf92c3b6ac3842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72936
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 04:02:40 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 51ms
43ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
2 KB 66ms
58ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 1280px-Gartner_logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 66ms
59ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:20 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png>; rel="canonical"
content-length: 2561
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 66ms
59ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 66ms
59ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
59ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 67ms
60ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 67ms
60ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 67ms
60ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 20 KB
7 KB 84ms
37ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Age: 615
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-6bcfc944bc-7rlz6
Connection: keep-alive
x-vserver: playproxy-rollout-prod-varnish-0
Content-Length: 6136
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19175-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1660708960.074722,VS0,VE0
x-backend-proxy: playproxy1
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Wed, 17 Aug 2022 04:22:25 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-6bcfc944bc-7rlz6
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Accept-Ranges: bytes
CF-RAY: 73bf83f858be9a30-FRA
access-control-allow-origin: *
X-Cache-Hits: 218

GET
H2 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 67ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 68ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 68ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 68ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 68ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 68ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
520 B 68ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 68ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 68ms
64ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 68ms
64ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 68ms
64ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 68ms
64ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 68ms
64ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 68ms
64ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 87ms
40ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 10:57:52 UTC
server: cloudflare
etag: W/"8cfc2a51250daf33edd2e1dda3f1654b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlpaOQjtdbfDiX5P1GpE8YLxZltVOXMvMT654T4ndMTXs%2Bc2twgDvFiBEBisBRIhFbunbyfyaI9czEurMZIv7IIl4jNyiZHCBPbrbqSnq4cRLjC4E044pWGtUycR1R78NPqgix5NVQBgoHIN"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: elWqSweed2C2dWtDipd3d9hhUaqI4uV.
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 73bf83f8eebc5c9e-FRA
x-amz-cf-id: zpZCkeP_rlA2OZ43ILNke6YIlvmYp5gd6AQvFJ_-JkT1c6whRl_cCg==
x-hs-target-asset: FormsNext/static-5.519/bundles/project_with_deps.js

GET
H2 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
11 KB 23ms
21ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 1 KB
763 B 30ms
21ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 30ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:32:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
1 KB 30ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 20 Dec 2021 14:32:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 154 KB
38 KB 31ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 1 KB
646 B 31ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=ed8084b5c2480ca4d2847bf27aacb4f7

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 906 B
568 B 31ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=ed8084b5c2480ca4d2847bf27aacb4f7

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/wp-mediaelement.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 578 KB
160 KB 31ms
23ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 2.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 178 KB
40 KB 31ms
23ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b33deed37e74f16cf17b9164d63a89f7966b78e3ed76b2fdcf0248eb60f0b858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
605 B 31ms
23ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.17.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
last-modified: Mon, 28 Mar 2022 09:12:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.hhn _atomic_ams
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
70 KB 101ms
18ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfa7e58767024c50ef0fa632e01eba77015cbd603b0692ab483e8270c37b7745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 21:08:24 GMT
x-content-type-options: nosniff
age: 111256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70716
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 21:08:24 GMT

GET
H2 200 uncode-icons.woff
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 373 KB
374 KB 70ms
24ms Font
application/font-woff 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Mon, 28 Mar 2022 09:12:47 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff>; rel="canonical"
content-length: 382184
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
69 KB 142ms
71ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:05 GMT
x-content-type-options: nosniff
age: 125795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70856
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:06:05 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
243 B 5946ms
5946ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8f770ca748fdcecde5049fa6b6780bd8092ce089172d17e5e415349f01c237b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 34ms
31ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff
fonts.gstatic.com/s/opensans/v29/ 69 KB
69 KB 75ms
40ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c6cd85ee4d226f9ccf8d165ec9d44bbed7b3872a007c95567639345f0d511dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:41:37 GMT
x-content-type-options: nosniff
age: 127263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70572
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:41:37 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
491 B 1749ms
1748ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e80d936b0262843af36ac6addc5e4177c009d7df8f2c2346572f56c9b448475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff
fonts.gstatic.com/s/opensans/v29/ 67 KB
67 KB 21ms
20ms Font
font/woff 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff

Requested by

Host: fraud.net
URL: https://fraud.net/wp-content/cache/fvm/min/1652993086-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca8f4dbd438e1cd09c1cc3566b135ec77fc1a553c180057e5e71b832c50cb036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:21:14 GMT
x-content-type-options: nosniff
age: 135686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68728
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 14:21:14 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
233 B 5843ms
5841ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d2a4231aa46e69d74fb35ee1728effcc4cbaf4e033b266c5762a73c4dc1636b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 22ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H/1.1 200
OK 235637953 Show response
player.vimeo.com/video/ Frame 2A2F 16 KB
9 KB 144ms
144ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea5240acc94d894c39db98a912bb6e5d95f74e455d2c5331b03de28368a4696

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 73bf83fa1a349a30-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 04:02:40 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-fra19175-FRA
X-Timer: S1660708960.347332,VS0,VE110
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires: Wed, 17 Aug 2022 04:11:38 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy6
x-bapp-server: player-6bcfc944bc-9bw7z
x-content-type-options: nosniff
x-host: player-6bcfc944bc-9bw7z
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-5
x-xss-protection: 1; mode=block

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
541 B 1160ms
1159ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

013146e63780a2ffbb256ddbd12639cbec6e681521c7ff9a8648aef2e240be2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
231 B 5692ms
5691ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

48bc6b1a087c19973fa3e8cdc562aa528f36d19b0cc463c0dfb3d248dc3ee39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 21ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 22ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
expires: Wed, 24 Aug 2022 04:02:40 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
238 B 1382ms
1381ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08b9991355a59cbe731df122dbfc797164225298732e7e134da537f66f59ce21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
261 B 5646ms
5645ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

395e0d795b0d7029e3d9826fc8405711b67e1beccbc565798a717bd36d958279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 120 KB
45 KB 100ms
37ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PGJR3MN

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11c85464e36a5a50ebea49c7f504ac09ff34c0aadfd64651cd38969b243be86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45467
x-xss-protection: 0
expires: Wed, 17 Aug 2022 04:02:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
16 KB 112ms
46ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Aug 2022 04:02:40 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 92ms
29ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=24890
accept-ranges: bytes
content-length: 3063

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 106ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C17FAAF9ECF47DCA71FE0BD6624D9B3 Ref B: FRAEDGE1515 Ref C: 2022-08-17T04:02:40Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 17 Aug 2022 04:02:39 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 7 KB
3 KB 87ms
33ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

2989d2b31a33f5d290eea039934266f9608d4de8badef286e6c83e824613c341

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/84782a4e70a81c0e729dd763fd1d4ec9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: UDWtBFHpkafMCnSESjgr2PMZ0Kmyn2CO_7A6H_03ohdyk2VtIS63rQ==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 73ms
21ms Script
application/javascript 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: iORgrk9LTMl3w05sDnO.StPor_BzcIZl
Content-Encoding: gzip
Etag: W/"d570d2e0cc47679b5bf3a6f9ff5b9e5b"
Age: 23198
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Aug 2022 16:07:19 GMT
Server: AmazonS3
Date: Tue, 16 Aug 2022 23:29:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FDugW6wr4CGZx4E7ucpegc8C1Nqxk6UVcBPOYtkqxDLc9PrESbhPQQ==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
1003 B 210ms
153ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2113031.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4096271ec3d77e483fe55f2b473f7c37f849c2701c45f4d83685a5ef66c0f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: d0eb11af-ad61-4ebe-970b-2791244554d7
last-modified: Tue, 16 Aug 2022 23:06:21 GMT
server: cloudflare
x-trace: 2B41370ED6716988E60B7893673361F00A5B4ED535000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 73bf83fb9b899b94-FRA
expires: Wed, 17 Aug 2022 04:03:40 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 85ms
33ms Script
application/javascript 18.66.112.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:05 GMT
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
age: 165
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=300, no-transform, public
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: ORHFcGuI_Zv3q8ZetmwotRXTxQe1q-y2g7v1WCBhi9FFC_-SXyyOpg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 86ms
31ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: SuJvRC3YuG7u8JpBmcXkrEVe6jKB6jQph2kMdy6VoAKSa8BtkudNL2JJfyOlqsTbBPdjF9XaN3sHx4vgG6pFgQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 04:02:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 218ms
163ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9a6f4a28cec3f1b3fe558597c156631fcb53a724367400d84b856347cf2fd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 73bf83fb9f669256-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
231 B 1235ms
1235ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def51ec9325e5b277921ce5e60f749a2efa12430fa2b8213e0c86d995e7083f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
232 B 1478ms
1477ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

311155848f139434f381609d16d22263ee87846711e3d1969df1b28efc2918af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 22ms
22ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
expires: Wed, 24 Aug 2022 04:02:40 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
487 B 1330ms
1330ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ae0adb5e613ce8d3ee0b6ae2d50da24580f937cbfffa008ecf48ca7341e6f01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 29ms
26ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
expires: Wed, 24 Aug 2022 04:02:40 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 282 B
244 B 5565ms
5563ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b056c4c9b626bc8df12280aa2126c54cb0c7c28938132848d462f7644375e478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 25ms
25ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:40 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
expires: Wed, 24 Aug 2022 04:02:40 GMT

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg
i.vimeocdn.com/video/ Frame 2A2F 2 KB
2 KB 109ms
33ms Image
image/jpeg 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 71e71947e14e056db8dfe955894ca7ae88b0dbe55dad48c6b9270de946b2ecb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1271311
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1659
viewmaster-server: viewmaster-us-central1-x3pt
x-served-by: cache-dfw-kdfw8210033-DFW, cache-vie6346-VIE
x-timer: S1660708961.674663,VS0,VE0
etag: 81c15d4e4ece4e5dff2ba9c297822654
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/4.9.1/js/ Frame 2A2F 883 KB
208 KB 120ms
49ms Script
application/javascript 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.9.1/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 501ab143a27f4ed4f4643992ba3bc5bd7195ee2a924bd535dcf3955d8a3b01b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 128281
x-served-by: cache-iad-kiad7000083-IAD, cache-vie6360-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1660708961.681740,VS0,VE0
content-length: 212284
x-cache-hits: 1, 18

GET
H2 200 player.css
f.vimeocdn.com/p/4.9.1/css/ Frame 2A2F 184 KB
19 KB 121ms
49ms Stylesheet
text/css 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.9.1/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 14f0ea3269a0f3c1d42320426a7bd85b4b75e33424519be14cc2f91588a1456e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 128282
x-served-by: cache-iad-kjyo7100074-IAD, cache-vie6360-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1660708961.681662,VS0,VE0
content-length: 19393
x-cache-hits: 1, 28870

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 2A2F 2 KB
1 KB 106ms
35ms Script
application/javascript 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 2285123
x-timer: S1660708961.681731,VS0,VE0
x-served-by: cache-iad-kjyo7100121-IAD, cache-vie6360-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 1, 152607

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ Frame 0
0 175ms
129ms Preflight
text/plain 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://fraud.net
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 73bf83fc687c68f7-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 17 Aug 2022 04:02:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: e2e651af-531a-4b94-8dfc-9209c532e37b
x-robots-tag: none
x-trace: 2B0E753B203734C6D3FD621897EF0F89B5BA5A81FC000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ 5 KB
2 KB 168ms
140ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190cd3163a94f7669989c575433e11e7736b098f3fb43bee2b48c5f91da5c35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 8ec48dc7-a937-4354-9e90-50579ad41a97
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B5DA0CA71CE2D8441F9D46280AAF424734DBCB0CC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 73bf83fd5d485c68-FRA
access-control-allow-headers: *

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
253 B 1132ms
1131ms XHR
application/json 199.16.173.27
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f09f0c1a5fd0d77e0994510c6da3333639007945db3179a304cf5406b991d016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 1.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 icallback.js Show response
app.convolo.ai/js/ 23 B
226 B 106ms
40ms Script
text/javascript 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convolo.ai/js/icallback.js?v=0.25630051456532943&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: d917f30fbde14db0d04a5d354166e181e30a9096350b782bc4ebf192d7348070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
etag: W/"17-c1xyfep/PfeezbbVu1iEy4ix7AU"
server: nginx/1.18.0
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *

GET
H2 200 preload.js Show response
front.optimonk.com/public/177110/js/ 4 KB
2 KB 74ms
29ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/preload.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

40afae4487d00e3a8c80387f53bef652660d09d0233fe5c02d0ff524ba78c154

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"ffc-qbG7Q9bGmjqBCaLwl1rUFIfcDSU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 430ms
107ms Script
application/javascript 52.22.228.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.228.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-228-39.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 04:02:41 GMT
Last-Modified: Tue, 16 Aug 2022 10:33:40 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "62fb7284-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 70ms
24ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-42.fra2.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407314
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OfYb_jeXzjz6Ie38RqxyPYFwKchd75-H6pK3SsvrmSGfDhO20gaiTA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1660708960923%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIT3Ad32OXoXwAAAYKp970vGvbi2Yi-PjrzSNHGG36PVdpaQyZu_BB8x0aDZJUJprZtf...

0
266 B

220ms
170ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIT3Ad32OXoXwAAAYKp970vGvbi2Yi-PjrzSNHGG36PVdpaQyZu_BB8x0aDZJUJprZtf_6LLzF2
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 21194F7772824BA39AA947E00190FD20 Ref B: FRAEDGE1113 Ref C: 2022-08-17T04:02:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmZ+++MdPEGSIMAqbbFA==
x-li-fabric: prod-ltx1

Redirect headers

date: Wed, 17 Aug 2022 04:02:40 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 66601B5EBB3B4994BEADBC37ACF59AB3 Ref B: FRAEDGE1407 Ref C: 2022-08-17T04:02:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1660708960923&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIT3Ad32OXoXwAAAYKp970vGvbi2Yi-PjrzSNHGG36PVdpaQyZu_BB8x0aDZJUJprZtf_6LLzF2
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXmZ++6ycW3nFYec3Q9Nw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

21ms
20ms

Script
application/javascript

2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: 54CR.I9BC9Znk_eUBi_4NwuScKvxGyTv
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 26065
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Thu, 04 Aug 2022 20:10:45 GMT
Server: AmazonS3
Date: Tue, 16 Aug 2022 21:05:58 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EFg4DAMjTN6MfmxLwHem4qv7f8n84fbLx-qremPiMIcphgnLvoGAZQ==

Redirect headers

Date: Tue, 16 Aug 2022 20:23:31 GMT
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Age: 27549
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: rTZG-036LL2d7bDxMe5D7dXoR5UOD9LEEv7xG6w5F73P66LwefgWow==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

28ms
28ms

Script
application/javascript

2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 27044
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 16 Aug 2022 21:05:04 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: c6gpeD2xr615liS9Rr1jEXxioYhIpIEn-UEB0b4m-zy8maMIq9ahfw==

Redirect headers

Date: Tue, 16 Aug 2022 23:35:31 GMT
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Age: 16029
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8gOp2TuyfeMYUPXIFKq--msKn4PKWIhFlQABEhlnXt0c7KlKvQZdpQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
809 B 62ms
20ms Script
text/javascript 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: ewq3xnmna3FdSZO6U_XLiMQ7KM4aRRgT
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 1089
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Tue, 02 Aug 2022 02:38:43 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 03:44:32 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: WrLFcUOxGXipyfYR7qRJLXHaYGU7w7tDy-ja88vuEhHh71PRfpLgQQ==

GET
H3 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e900f777bb9ca536729d81c6528075fbc93fc32d66b6c96af1e603ade07487c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85848
x-xss-protection: 0
pragma: public
x-fb-debug: fGUqqr2RA8QCsrMx5Ifb5lyaaeGoOSq9LA2gz9ID7BMrVYmsc8cESUSJjaKV1/8CwGPnmwuNs/WI4HFuQJCNnA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 04:02:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 2 KB
2 KB 83ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1660708960934&cv=9&fst=1660708960934&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&auid=1609630672.1660708960&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad37ad7e9114460877b15e6b010ec28893d002495190460e8762c11ec3e0257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3641
date: Wed, 17 Aug 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 05:02:00 GMT

GET
H2 200 4000327.js Show response
bat.bing.com/p/action/ 1 KB
842 B 197ms
197ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4000327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

622f0c7e5a45a3acbec3e95c26851d305216d5bfb653a4736d524c7052ee8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1589A92A6C5B4CAC92DF3A332CE1F7D0 Ref B: FRAEDGE1515 Ref C: 2022-08-17T04:02:40Z
date: Wed, 17 Aug 2022 04:02:40 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
175 B 44ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=2952e52e-42af-4d71-8401-c96c0890990a&sid=7074b9001de111ed9609876081cef2f8&vid=7074f8601de111eda3b4452bb9be0901&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&p=https%3A%2F%2Ffraud.net%2F&r=&lt=2884&evt=pageLoad&sv=1&rn=601000

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 73142EE7A72C44BA9E97DEF4C882E5E2 Ref B: FRAEDGE1515 Ref C: 2022-08-17T04:02:41Z
date: Wed, 17 Aug 2022 04:02:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 2A2F 0
993 B 390ms
343ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=10fadfe7646aa79d75c2cdd8def2af9296debe0e1660708960

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 04:02:41 GMT
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
Vary: User-Agent
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000179-IAD, cache-hhn4020-HHN
x-vimeo-device: d
Server: cloudflare
X-Timer: S1660708961.063964,VS0,VE308
x-frame-options: sameorigin
x-backend-proxy: webproxy2
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Tue, 16 Aug 2022 16:02:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-5698f54bf-5sm99
x-ua-compatible: IE=edge
Accept-Ranges: bytes
CF-RAY: 73bf83fe9d6c995d-FRA
X-Cache-Hits: 0, 0

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
25 KB 79ms
31ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 61558
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=73b9a51ea9ab91ea-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 73bf83fe9cb69241-FRA
last-modified: Mon, 18 Jul 2022 02:17:32 UTC
server: cloudflare
etag: W/"877e5f54a66a69786dec54038d0864c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: C19nOHuJQT2GcU3z_f2ZrRlA95SbKV5McDLRSSCuoQ72e9Bfwk1TFw==
x-hs-target-asset: collected-forms-embed-js/static-1.285/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1660708800000/ 62 KB
20 KB 74ms
28ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1660708800000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d89588588a8dfb2b6db5704f2ef856c5435ff2d32c4dda09cbf6a50eac0a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1
x-amz-server-side-encryption: AES256
x-amz-request-id: 5KNG19HQS75MCCKX
x-amz-id-2: M9ufamGMNVjf8ifbDaxE1wrz2NU9hbXYJUN1KPVeRzv6tnfWIozcikHWROKStSvfH6KJhZOwvBbXBvnpi32iPw==
last-modified: Tue, 26 Jul 2022 14:49:15 GMT
server: cloudflare
etag: W/"9c3332b2d941df4bc7cd93aaf555e8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 73bf83fe9de49bfa-FRA
expires: Wed, 17 Aug 2022 04:07:40 GMT

GET
H2 200 2113031.js Show response
js.hs-banner.com/ 60 KB
16 KB 75ms
30ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea7f3980529b89910d44c60942deaeb876f8228cd7a71dbf768c72f382b54917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 8MDXM6H8748AGKR0
x-amz-id-2: zJiEbqMx63vp9AoZVGmVIMQ42qCYiyMD0XhATK0vKlxMymE7SX0wwLhR/X4gbtNStkFj+vWiYz0=
timing-allow-origin: *
last-modified: Tue, 16 Aug 2022 20:54:33 GMT
server: cloudflare
etag: W/"42d1d2760b564e328c6950b17c92c7e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: sYVxNfIdEWN7O0EZ2p4qiQuSviCsK23.
access-control-allow-origin: https://fraud.net
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 73bf83fe99675b98-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 17 Aug 2022 04:07:40 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 81ms
35ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 30730
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js&cfRay=73bc95c4ea4b92ba-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 73bf83fe9c1492ad-FRA
last-modified: Mon, 18 Jul 2022 01:14:17 UTC
server: cloudflare
etag: W/"46823b230a10099f9c99f5d6e551b1de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: yT2X7qjRd3nfD17wwjIyU26GMxKILzTr
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: il09cVjmxruUk3hRuhJpnoXPP9EVgOSUvDKBOamCJce3I8vcXzOCwA==
x-hs-target-asset: lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js

OPTIONS
H2 200 tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0 326ms
108ms Preflight 52.0.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-155-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://fraud.net
access-control-max-age: 5
content-length: 0
date: Wed, 17 Aug 2022 04:02:41 GMT
server: nginx

POST
H2 200 tp2 Show response
device.fraud.net/com.snowplowanalytics.snowplow/ 2 B
323 B 323ms
108ms XHR
text/plain 52.0.155.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: media.fraud.net
URL: https://media.fraud.net/shield/js/v1/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.155.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-155-81.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 17 Aug 2022 04:02:41 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2

200

51557
stags.bluekai.com/site/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=278&cm=1b87f4263451535d0b245f25812af4453c5d66d42f5735ca5d8fdb84f9225bf6
https://stags.bluekai.com/site/51557?id=c:d54587c0c39889b37442c588d37a454f&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

62 B
227 B

202ms
161ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/51557?id=c:d54587c0c39889b37442c588d37a454f&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Wed, 17 Aug 2022 04:02:41 GMT
server: Aorta/20220801.70a5aba4
location: https://stags.bluekai.com/site/51557?id=c:d54587c0c39889b37442c588d37a454f&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 9f8b5b36b98d
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 5EED 2 KB
1 KB 66ms
21ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3007775
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id: 6vbDV4SNCor3S5UGpMfz84E18yP8k12cYgGhRqtv_1I1Lq1gXah-tw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 2A2F 0
142 B 166ms
122ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.9.1/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 17 Aug 2022 04:02:41 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame 2A2F 27 KB
27 KB 34ms
33ms Image
image/avif 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a8fec3c4a16262ecaa3bb9de610f13ba27c1ae1699af37faa43a6cd1ebcc52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1267946
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 27328
viewmaster-server: viewmaster-us-east1-k0q5
x-served-by: cache-dfw-kdfw8210044-DFW, cache-vie6346-VIE
x-timer: S1660708961.178143,VS0,VE1
etag: f8192317ef45f7d64358bbad45347dbc
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 2A2F 0
40 B 160ms
124ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=10fadfe7646aa79d75c2cdd8def2af9296debe0e1660708960
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.9.1/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 17 Aug 2022 04:02:41 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 461 B
928 B 328ms
107ms Script
application/javascript 3.221.212.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?arrfrr=https%3A%2F%2Ffraud.net%2F&_s=ccfbfe6b10a77ec51004c1451607d5ba&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.212.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-212-10.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d7c47aad3758a6edf49d3743afe36facd814d753e50d2991d60c2d644990a44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 461
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
1 KB 85ms
30ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49392984008451601dccb79bc1bb29c6430ee8a22999fc62fe801a64765e5351

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 615
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 04:02:41 GMT

GET
H2 200 preload-base.116877cf.js Show response
front.optimonk.com/ 52 KB
17 KB 29ms
27ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.116877cf.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/177110/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

925a31b46531c0d37d8dc5de183680ca11ba4e1bc842d98c8aff2e34fe3bc8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"cff2-y/VJOgS1YB8JRzBs6806h3feJnE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
64 B 78ms
35ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1660708960934&cv=9&fst=1660708800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=2733398468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998743206/ 42 B
548 B 87ms
34ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998743206/?random=1660708960934&cv=9&fst=1660708800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=2733398468&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
29ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=769801929&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=1392673951&gjid=1125535611&cid=2095451449.1660708961&tid=UA-35675858-1&_gid=902694606.1660708961&_r=1&gtm=2wg8f0WVZ4N9X&z=670540182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 63ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1660708961512&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660708961510.1015918497&it=1660708960932&coo=false&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 17 Aug 2022 04:02:41 GMT

GET
H2 200 4000327 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 179ms
125ms Script
application/x-javascript 2620:1ec:27::cafe:1644
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4000327
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4000327.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1644 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ab5512fdf7a0215065c5685399aeb89191d34c6ca1c87bb11bc5b74bda3034f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YWj8YgAAAACrSTfn1fEnTqiLH4mir93zWlJIRURHRTA2MDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 175ms
130ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7087d29d-f396-4d03-9b11-e55879a9239f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGvSHr1rVjfBV54eyHWRClQjU8AvUUtKxkyvBWPHEkjImoyYTsT35O6tN%2Fe4rD5boc3vjmpSnMl%2FqD488P2noYgD0fHvEy6TzsjqBFo3ZXFS3Vm%2BxqCNe3CS9s7Aw3br482BgW5vtVfZ%2FH0jfKgy"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 73bf840248849b71-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 116ms
115ms Image
image/gif 52.22.228.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1660708961599

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.228.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-228-39.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Aug 2022 04:02:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Aug 2022 04:02:41 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 386 KB
154 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 00:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 00:35:09 GMT

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=17177436987.624462&cookie=&ad...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

5 KB
3 KB

28ms
28ms

Script
text/javascript

2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b94bede2650cab53ab4993aa247e12944317add295da23ac72894a20ec0b448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: aEzA8ZiD3GBvTEFl97h.zOEnHFJ9yDtC
Content-Encoding: gzip
Etag: W/"8955661fd9b03bac87a8e2e4016e9727"
Age: 1089
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Jun 2022 22:12:13 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 03:44:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 38OKwmmHA69W5YzUdTlhc5Yfb7hJ1h7PvinFRNA7c6DKpt9HUhod5g==

Redirect headers

date: Wed, 17 Aug 2022 04:02:41 GMT
x-segment-display-name: FN Homepage
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *fraud.net/*
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
x-conversion-currency

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2001329/ 147 B
322 B 143ms
50ms XHR
application/json 34.255.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2001329/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 95 KB
32 KB 375ms
122ms Script
application/javascript 143.244.60.109
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.116877cf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.244.60.109 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-143-244-60-109.datapacket.com
Software: BunnyCDN-IL-807 /
Resource Hash: 85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: br
cdn-edgestorageid: 807
age: 0
x-guploader-uploadid: ADPycdso-_7lH5oQ3p86ez4Vg-lCA1-FiflajuNfWSumN8Z2IWUeej7g72ZMqwk_hWEqswGp12jtjodtghVo8z3v9MmRsGZNtcwK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 08/14/2022 15:02:12
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-IL-807
last-modified: Thu, 23 Jun 2022 11:01:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0d51daede184576e937e1d8135d6e64d"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=KnNijw==, md5=DVHa7eGEV26Tfh2BNdbmTQ==
x-goog-generation: 1655982116491970
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 97067
cdn-requestid: 721f07c860c352b9a7b6feff771b790d
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 load Show response
front.optimonk.com/public/177110/js/ 4 KB
2 KB 79ms
34ms XHR
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.116877cf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

df9dc946e952b0593ded524e37c408a817724e3017c63d2c75566e10fac5ecdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"f34-CfaxZ6qHmitSvHjj2mgAe5u5h+Q"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 load.72e55f55.js Show response
front.optimonk.com/load.esm/ 207 KB
57 KB 34ms
34ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/load.72e55f55.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7093dde68531ffd1c144d2a49659581bd9682603d08896674bcddbe3d8a3dec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"33d69-KvYw/nb7zMBHqOmS+CX5fLgxw24"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame B8EF 43 KB
22 KB 51ms
46ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=nfzp87z2vdeq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26b8796450829f024ec8c299aaa4d502d1521c7686d593229eaf45cb89fb911a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sHh98k95QJSYT_2hnkzPeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22818
content-security-policy: script-src 'report-sample' 'nonce-sHh98k95QJSYT_2hnkzPeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 04:02:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
545 B 4356ms
4307ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=2113031

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 7be3707b-1160-4c37-8d39-2d368aa2d8b8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-robots-tag: none
last-modified: Wed, 17 Aug 2022 04:02:42 GMT
server: cloudflare
x-trace: 2BE9EA6BB1B98146B499CB869DF88532D40EEDA2C0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 73bf84037c43908a-FRA

GET
H2 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 24ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:41 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
expires: Wed, 24 Aug 2022 04:02:41 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.39/ 53 KB
23 KB 121ms
119ms Script
application/javascript 2620:1ec:27::cafe:1644
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4000327
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1644 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:40 GMT
content-encoding: br
etag: "1d8b099e3740ca1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0YWj8YgAAAACSyjmne2rdTKNWUclAjKZlWlJIRURHRTA2MDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
473 B 166ms
142ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 0222c6b7-a78e-4e89-aa55-a434a57aa5e8
cf-ray: 73bf840359a6697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BAF14E43BEEF303BD85CD8AD1C81958BAAF68DD64000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 fraud-dot-net-background-dots-bottom-sm.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 45 KB
45 KB 21ms
21ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:41 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Thu, 26 Sep 2019 11:05:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg>; rel="canonical"
content-length: 45696
expires: Wed, 24 Aug 2022 04:02:41 GMT

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 31ms
30ms Script
application/javascript 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=17177436987.624462&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 04:02:41 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: rlDKYNMyy0-RMSsen5quGtsEUek9iJTrj2JhJ98QVcueFNia4DZh8g==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 21ms
20ms Script
application/javascript 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=17177436987.624462&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding: gzip
Etag: W/"9f2aa6ae991d93164d9512029d813cad"
Age: 74254
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jun 2022 21:48:50 GMT
Server: AmazonS3
Date: Tue, 16 Aug 2022 07:25:29 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: e9nnNRQccgYcSw32iRhlHVsSvP-s3kOuQwmFFv9JT-msvUD6-NvZIQ==

GET
H3 200 411617989444864 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411617989444864?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8726fbb5c4e2bf86f89f28d16c5493387a186d95024f0e81b0547d1421807960

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85831
x-xss-protection: 0
pragma: public
x-fb-debug: M1p6IoYrEE2dATZB++VG73oPMjHj67OThtouOSVGB7+C+/vZPVSXgDAJtmHEsLSBCXOAP/pPBD6aFflmhUKShQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 04:02:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961&C=1

43 B
942 B

63ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73bf8404ca80922c-FRA
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hr9YZchcKJusPl1om4k2Q1fVtg7xhfBftiZ%2F2OTTZLGvXhnSX9J3GAGvZAn6RWodYz870TYBwpyR0M6Ew5EA9CPnujbZvqY5ajMsnXFkvKzTDzFD52AnkmVl%2FtppoMzYu8WUOuWE3rldg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlAFNx1cHb6a2p0t1jIQZvvUTxaeaYHZKS7W5i76Gjdz%2B1c%2FATolh5XsVtOA385dOp1V%2BsMwmAHGuI7xd9bZhakNQ4m6AOM1cyyrLNRJHw0tlARWSG8jWmgNx166cHO02m1%2FcLi2ANkmYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expiration=1692244961&C=1
cache-control: no-cache
cf-ray: 73bf84044dc06955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expires=365

0
239 B

104ms
22ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&expires=365
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

0
308 B

4400ms
102ms

Image
text/plain

70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 04:02:46 GMT
Cache-Control: no-cache
X-TraceId: ab400ec9e5437b441a5b34a5b7114bbf
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
494 B

106ms
30ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

0
90 B

89ms
28ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27747

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://eb2.3lift.com/xuid?mid=4714&xuid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&dongle=c85e

37 B
140 B

64ms
22ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&dongle=c85e
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&dongle=c85e
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
124 B

4393ms
111ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

43 B
510 B

124ms
124ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 04:02:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
Date: Wed, 17 Aug 2022 04:02:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ib.adnxs.com/setuid?entity=172&code=ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

43 B
1 KB

42ms
29ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Aug 2022 04:02:46 GMT
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d0674cb9-15a6-4c6a-a42f-a8d0f203cf22
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Aug 2022 04:02:42 GMT
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7f37bb73-7b78-4bbf-b1e7-c2dd78b24555
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 213ms
211ms Image
image/gif 3.221.212.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.212.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-212-10.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=826bb7fe9250c6befcda11c03cbae8f0&gdpr=1&gdpr_consent=

43 B
273 B

4081ms
4037ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=826bb7fe9250c6befcda11c03cbae8f0&gdpr=1&gdpr_consent=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=826bb7fe9250c6befcda11c03cbae8f0&gdpr=1&gdpr_consent=
pragma: no-cache
date: Wed, 17 Aug 2022 04:02:41 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=9284a370f31389a828cd589c2c97a878-1660708961616&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=gmu3_pJQxr782hHAPLro8A
https://d.adroll.com/cm/g/in

42 B
535 B

122ms
106ms

Image
image/gif

3.221.212.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 3.221.212.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-212-10.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:46 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimonk.5d3c34f7.js Show response
front.optimonk.com/load.esm/ 44 B
434 B 26ms
25ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/optimonk.5d3c34f7.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.72e55f55.js
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2c-PP9xovXOpjsVds3Gr04DXoLaxdY"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 videoFactory.1fc45964.js Show response
front.optimonk.com/load.esm/ 171 B
533 B 24ms
23ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/videoFactory.1fc45964.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.72e55f55.js
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ab-7+puoeInCgrrEYILjxVDJpCdVEA"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 subscriptionFactory.5a6620dc.js Show response
front.optimonk.com/load.esm/ 742 B
767 B 24ms
23ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/subscriptionFactory.5a6620dc.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

90949c6a5f0949e8f6931420f8523cb1c32ed3058e2e330710bfebd06e4122da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.72e55f55.js
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"2e6-tercF6IpFnzONDgoTMv4+cIuK0s"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 336 KB
100 KB 82ms
28ms Script
application/javascript 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: VbMgk_gXghimoZRhj6QFui2WfE6aoopb
Content-Encoding: gzip
Etag: W/"86fbdc8ff56a043dffe520cd42b1e7b9"
Age: 26990
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Dec 2021 19:15:34 GMT
Server: AmazonS3
Date: Tue, 16 Aug 2022 21:05:19 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zjKgb7yNbaME7hl3wi0yTxDcGELUct1Y7-W3DdRIZ99EoxchbfR-Hw==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 29ms
29ms Stylesheet
text/css 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Etag: W/"3b96be16936102d8935969d4c53c212f"
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 04:02:41 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5f2RX6b-2_A_GJQ3xGIehVsIeqVo_HF7EVMSAXd49TZQW-PNPWK3jg==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame B8EF 52 KB
24 KB 60ms
20ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=nfzp87z2vdeq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 02:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame B8EF 386 KB
154 KB 70ms
30ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 00:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 00:35:09 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 47ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411617989444864&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1660708961842&cd[segment_eid]=6SMH2DHXINFNDD52UNEEKG&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=29&fbp=fb.1.1660708961510.1015918497&it=1660708960932&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 17 Aug 2022 04:02:41 GMT

GET
H2 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 21ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:41 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
expires: Wed, 24 Aug 2022 04:02:41 GMT

GET
H2 200 optimonk.min.css
cdn-asset.optimonk.com/bundles/wseoptimonk/css/ 15 KB
3 KB 4344ms
129ms Stylesheet
text/css 143.244.60.109
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=b2efbc5949

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.72e55f55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.60.109 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-143-244-60-109.datapacket.com

Software

BunnyCDN-IL-807 /

Resource Hash

7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 807
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-dns-prefetch-control: off
cdn-cachedat: 08/14/2022 15:01:41
cdn-pullzone: 580384
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 1; mode=block
server: BunnyCDN-IL-807
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"3c5f-+aJzZURpEvNsmjMFlnXjMeoe03w"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
cdn-requestid: 2def8a82546ce604626879ae02cfee0e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 62f2b0b960ab400023076b7b.html Show response
cdn-renderer.optimonk.com/ssr/177110/ Frame A492 31 KB
5 KB 4345ms
132ms XHR
text/html 143.244.60.109
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-renderer.optimonk.com/ssr/177110/62f2b0b960ab400023076b7b.html?v=1660245683

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.72e55f55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.60.109 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-143-244-60-109.datapacket.com

Software

BunnyCDN-IL-807 /

Resource Hash

7abb0124102db457ae0532f28c0aac7bb4a3278566e9a14fa1e2fec99ff448dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-dns-prefetch-control: off
cdn-cachedat: 08/16/2022 21:37:03
cdn-pullzone: 736120
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 0
server: BunnyCDN-IL-807
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-edgestorageid: 807
referrer-policy: no-referrer
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"7a8e-OF6Nkl24KAf4h6Ng3DIwztS8FRg"
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cdn-requestid: d13cb689a8540f4cf2e33cb849bb1f15
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
265 KB 22ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:42 GMT
x-ac: 1.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
expires: Wed, 24 Aug 2022 04:02:42 GMT

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 B
768 B 32ms
32ms XHR
binary/octet-stream 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Etag: "99914b932bd37a50b983c5e7c90ae93b"
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 04:02:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wXSaRsSue3r14_Xs-bxbESz0b4HmRrEeLCX5JkSjyqxmXvbJ_w-pow==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 KB
2 KB 4660ms
4627ms XHR
binary/octet-stream 2600:9000:225e:e200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Amz-Version-Id: gdsCJ91e36preZqcIA6RaB5svplwGuhr
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Etag: "04a72a37c10f648fb8263045b284cb6c"
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 1697
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Wed, 17 Aug 2022 04:02:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Po3YzpVnBTj-NIW9Wr_T46ZPp5-LuLr-wzP6JoGyjHUIR6vGq321Eg==

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
435 B 4048ms
4048ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: cd0afdb1-d0f1-4ef0-ab23-fe9f7005de64
cf-ray: 73bf84051abc697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BBF12374AF112E85693205212DFC5FFAE78063FF4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame B8EF 102 B
134 B 4043ms
4043ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=nfzp87z2vdeq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 04:02:42 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
172 B 4427ms
212ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 17 Aug 2022 04:02:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 96AD 0
15 B 4028ms
4028ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://fraud.net
Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://fraud.net
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 04:02:46 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 1969 7 KB
1 KB 3952ms
3951ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7945295e2b03b709fd6de186d19585dd6556c9e6cd5515c67a0a375a6db0478e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VEoOTk_2dRBiAyQJgNzg2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-VEoOTk_2dRBiAyQJgNzg2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 04:02:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
h.clarity.ms/ 0
25 B 4420ms
531ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 17 Aug 2022 04:02:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
191 KB 32ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
expires: Wed, 24 Aug 2022 04:02:46 GMT

GET
H2 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 31ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
expires: Wed, 24 Aug 2022 04:02:46 GMT

GET
H2 200 Group-2851@2x-uai-2064x645.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 500 KB
501 KB 30ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Dec 2021 13:48:15 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical"
content-length: 512361
expires: Wed, 24 Aug 2022 04:02:46 GMT

GET
H2 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 24ms
24ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 17 Aug 2022 04:02:46 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
expires: Wed, 24 Aug 2022 04:02:46 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 204ms
156ms Fetch
application/json 34.117.177.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 17 Aug 2022 04:02:46 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 1969 52 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 02:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 1969 386 KB
154 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 00:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 00:35:09 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 1969 38 KB
23 KB 57ms
57ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

366fd9f44506a7288ce733303179150a1ac6b2838d27b94cb7f0094caabc8e2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23533
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 04:02:46 GMT

GET
H2 200 Teaser.765bb78d.js Show response
front.optimonk.com/load.esm/ 3 KB
2 KB 24ms
24ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/Teaser.765bb78d.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.72e55f55.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d4555c4f27e758749d0ae9eba2d5bd6bfce212a45d83cd2b2fb17625db6c105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"cb2-HUBQtTHu88g2V21Gu3Jx64hBvbc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1969 600 B
624 B 21ms
20ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 584230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 17 Aug 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1969 530 B
554 B 22ms
21ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 110319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 22 Aug 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1969 665 B
689 B 22ms
21ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 551064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 17 Aug 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1969 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 39365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Aug 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1969 15 KB
15 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 110612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Aug 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1969 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 106887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 1969 27 KB
27 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06ANYolqtYmP2YvOznvsw7x6xpheF8XvW_ta-6mH_EWD6faIu6KTY5OZXYXHJ8kp2RPwlUkxjYQNcoJGgRi7hJccm-1BxuTpuufXKJQAXLApO4Yx2NW-hphN_FO6u9eZBiQr4aP7vr1_AWivHgsCPAU3dNePRjVz9ynL7Sb0cbBS_iOggVz9lQeoq5OfL-UC7m8N41m5pWs7SiiIumA2YHeLngRq9HVDvRTA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0703ef4d375678479a78546fe452449015ebe54242902618b0dffc22b7a9c2cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27489
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 04:02:46 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
552 B 186ms
141ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=aa19dd55-2667-4422-bc6e-6ece2462cbcc&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=51757497&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1660708966607&vi=ecbcc088e5be55d62b4fca3d0f095a35&nc=true&u=57037109.ecbcc088e5be55d62b4fca3d0f095a35.1660708966601.1660708966601.1660708966601.1&b=57037109.1.1660708966601&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9e2d4147-c7db-410e-b980-b535a9658f4d
cf-ray: 73bf8421adcf8ffa-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ihsc92YF0i7LMDi1jXbH7msIB6a2%2BJ7WvqrMMJslX789zgCuf5TjYbn7998goEgH4g4085qg4onqfHRdRs944UUcOiATG7OFgI%2FDPMtOyK3hGFnaxEOzkeKEOBv%2Bh0RsUCT2pj4XqaxgVEvPalbH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
966 B 185ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=51757497&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1660708966608&vi=ecbcc088e5be55d62b4fca3d0f095a35&nc=true&u=57037109.ecbcc088e5be55d62b4fca3d0f095a35.1660708966601.1660708966601.1660708966601.1&b=57037109.1.1660708966601&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7c700298-2e7e-4912-acd2-db4cd63ca444
cf-ray: 73bf8421add18ffa-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmRztU0OSq%2Bd0ZV0NbPi0HOuFYyyAjLkSKwBbqkuvFXiLCBzuI%2Fa9y7UmyQMnXfz1enB4Dflb%2FgzoQjmWj1y%2FbhMtDdV5T4hIxswYrqJQx8KpjJCDYFA4kTV8iPGkYmN3slcNG%2B4oPe3wZrTPk5L"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&RedC=c.clarity.ms&MXFR=2457AE193B766B97306BBC1A3F7665FB
https://c.clarity.ms/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&MUID=151F3D787F726C6018E52F7B7E196D4F

42 B
369 B

43ms
43ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&MUID=151F3D787F726C6018E52F7B7E196D4F
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:45 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 04:02:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8333220D3CF14245B69B59153919960E Ref B: FRAEDGE1515 Ref C: 2022-08-17T04:02:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B2A1FE66F3D84361B129A53BD90A0D39&MUID=151F3D787F726C6018E52F7B7E196D4F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 212 B
1 KB 185ms
159ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=ecbcc088e5be55d62b4fca3d0f095a35&__hstc=57037109.ecbcc088e5be55d62b4fca3d0f095a35.1660708966601.1660708966601.1660708966601.1&__hssc=57037109.1.1660708966601&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b17912f26a835905e48a68a6e31bf38fd010393ac25c9c96f5a6833ffd1034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 04:02:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 82523b2c-17b0-4e58-86dc-6224e9f09151
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7gTO9z0F9h4XLxAD2PogouZi8KNvEf1wd0n5UlsbrBCxoh%2FMe7w8Tp92P5P%2FoqrC8rlcI4lROHqBtAa1t8vu9q10xndJg84XEghAUFA5vwYcrW69qh3Lw6X2OImX5rHRZ0LcbIveO5aCAPcfo31"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 73bf842198cbbbeb-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 173ms
172ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Wed, 17 Aug 2022 04:02:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 09:37:40	Name: _GRECAPTCHA Value: 09AMjm62X5JjukGtomGYj7tJPoFAEML8Zv9UCSy2_FC-qe4I2Rh5jO0TIdTBiQUmpa1JTrXspCI6UL-DkeTk76kCI
fraudnet.tellwise.com/	1969-12-31 23:59:59	Name: ss-id Value: ziYukHBwjp5ynGJH6Kgn
fraudnet.tellwise.com/	1970-01-20 14:54:28	Name: ss-pid Value: 2JNvxcpsyJ5sZHlS3owU
fraud.net/	1970-01-20 14:04:04	Name: uncode_privacy[consent_types] Value: %5B%5D
.vimeo.com/	1970-01-20 05:18:30	Name: __cf_bm Value: E1th8HWQfkXXeszSy81kmvyebN.TyoGpUipppnJ3FNk-1660708960-0-Ab/qGGucX8NzqDGInt6/e5bO7IvMocz4lIbhfU49GK4wSf8iqb7W/xxff83y8rUjyX8TO4BPzdn6xWmNNSRuypk=
.fraud.net/	1970-01-20 07:28:04	Name: _gcl_au Value: 1.1.1609630672.1660708960
.bing.com/	1970-01-20 14:40:04	Name: MUID Value: 151F3D787F726C6018E52F7B7E196D4F
.ws.zoominfo.com/	1970-01-20 14:04:04	Name: visitorId Value: 1b87f4263451535d0b245f25812af4453c5d66d42f5735ca5d8fdb84f9225bf6
.zoominfo.com/	1970-01-20 05:18:30	Name: __cf_bm Value: V3WkwjDiGjmqgH.U57T7lBRca8foGK3ArO3.AzP8CUM-1660708960-0-AV1pcVrr219Os+LHmbqfg4B/VmDY3lBQvNF1R0gVO61NbCBY+mb3hdVtE7+O7JNutcyu+P3ZpqXO71j6ZW9ZDGY=
.fraud.net/	1970-01-20 05:19:55	Name: _uetsid Value: 7074b9001de111ed9609876081cef2f8
.fraud.net/	1970-01-20 14:40:04	Name: _uetvid Value: 7074f8601de111eda3b4452bb9be0901
.vimeo.com/	1970-01-20 14:54:28	Name: vuid Value: pl1711507523.469388878
fraud.net/	1970-01-20 05:18:30	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-20 14:54:28	Name: _sp_id.c750 Value: f068f2c4-143d-496c-b831-2dcd11dd0a73.1660708961.1.1660708961.1660708961.7fe1c780-9b52-47bf-8a54-8a2b3ad0780d
.linkedin.com/	1970-01-20 06:01:40	Name: UserMatchHistory Value: AQIZC0Rq-JMvawAAAYKp97skOdki2yaedZ5S5Q2f2Mg4EjJODWuUz9HJ-BGoVXAJl_UwBmqiioELeQ
.linkedin.com/	1970-01-20 06:01:40	Name: AnalyticsSyncHistory Value: AQL_y5ErNixb3gAAAYKp97sldwTPfBODrNSmOwQ8yVCFRQFVHM59wbl1JgHlZEuTSkWJErLHzo089rSJKurWCw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:04:04	Name: bcookie Value: "v=2&4572bbb6-9bf6-4acb-8941-9c78b831d470"
.linkedin.com/	1970-01-20 05:19:55	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2411:u=1:x=1:i=1660708961:t=1660795361:v=2:sig=AQExB7vt_mzWSUR-uUhJYvIhBc0070jj"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:04:04	Name: bscookie Value: "v=1&20220817040241769b64d3-ff7b-4543-8ac8-0a65198ef226AQGsEYNdzgbn_Qr9cY5WUsyHc5BWr_YB"
.linkedin.com/	1970-01-20 09:37:40	Name: li_gc Value: MTswOzE2NjA3MDg5NjE7MjswMjEoxyE8f7DOtC9PS2IFcQzBtCmwzjU8qkkWkm67i1M/sA==
.fraud.net/	1970-01-20 14:54:28	Name: _ga Value: GA1.2.2095451449.1660708961
.fraud.net/	1970-01-20 05:19:55	Name: _gid Value: GA1.2.902694606.1660708961
.fraud.net/	1970-01-20 05:18:29	Name: _gat_UA-35675858-1 Value: 1
.fraud.net/	1970-01-20 07:28:04	Name: _fbp Value: fb.1.1660708961510.1015918497
fraud.net/	1970-01-20 05:18:32	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 05:19:55	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 06:03:07	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-20 14:04:04	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-20 14:04:04	Name: _gauges_unique Value: 1
.fraud.net/	1970-01-20 14:04:26	Name: __adroll_fpc Value: 9284a370f31389a828cd589c2c97a878-1660708961616
.fraud.net/	1970-01-20 14:04:04	Name: _hjSessionUser_2001329 Value: eyJpZCI6IjI5NjcyZjc1LTM0N2YtNWU1Mi1iN2ViLWEzMjUwZGUzY2E1YiIsImNyZWF0ZWQiOjE2NjA3MDg5NjE0NzYsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-20 05:18:30	Name: _hjFirstSeen Value: 1
fraud.net/	1970-01-20 05:18:29	Name: _hjIncludedInSessionSample Value: 0
.fraud.net/	1970-01-20 05:18:30	Name: _hjSession_2001329 Value: eyJpZCI6IjRjYzAzMTZhLWI3ZWQtNDY1Ny05NGY2LWFmNTAzMGQzM2Y3ZSIsImNyZWF0ZWQiOjE2NjA3MDg5NjE2MjMsImluU2FtcGxlIjpmYWxzZX0=
fraud.net/	1970-01-20 05:18:29	Name: _hjIncludedInPageviewSample Value: 1
.fraud.net/	1970-01-20 05:18:30	Name: _hjAbsoluteSessionInProgress Value: 0
fraud.net/	1970-01-20 14:04:04	Name: optiMonkClientId Value: ce627363-7460-df97-7621-a49fc575319d
.fraud.net/	1970-01-20 14:04:04	Name: sp Value: 8a352c92-b568-4f9e-b5ac-e44000fd16f0
fraud.net/	1970-01-20 14:04:04	Name: optiMonkClient Value: N4IgjA7BZgDCAuUBjAho0AODJXIC6KwA0uADmUacgE6IgBsATAGZMBGs7AnA7KuwAssEUwDMsCA3YR2IUgDsA9gBMiAX3WkWAN0RgGfCLEy8wpADZ6EBoybOKlZa2E1A
www.clarity.ms/	1970-01-20 14:04:04	Name: CLID Value: 7f1dd16563d4467e9a4e77d0ffc63ef1.20220817.20230817
.fraud.net/	1970-01-20 14:04:04	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20220816%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20220816%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20220816%3A1
fraud.net/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1660708961
.fraud.net/	1970-01-20 14:04:04	Name: _clck Value: 2vo2ys\|1\|f43\|0
.casalemedia.com/	1970-01-20 14:04:04	Name: CMID Value: YvxoYTSd-Igu-8es0ip2lwAA
.casalemedia.com/	1970-01-20 07:28:04	Name: CMPS Value: 1170
.casalemedia.com/	1970-01-20 07:28:04	Name: CMPRO Value: 1170
.pubmatic.com/	1970-01-20 07:28:04	Name: KRTBCOOKIE_10 Value: 22808-ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA&KRTB&22883-ODI2YmI3ZmU5MjUwYzZiZWZjZGExMWMwM2NiYWU4ZjA
.pubmatic.com/	1970-01-20 06:01:40	Name: PugT Value: 1660708962
.casalemedia.com/	1970-01-20 07:28:04	Name: CMTS Value: 1137
.doubleclick.net/	1970-01-20 14:40:04	Name: IDE Value: AHWqTUnZvFJXXTzOg3Bae-B8TB6Tk9DWoQtTpqwMqc5NCeCZht9odFcYGjN9ApQMwx0
.adnxs.com/	1970-01-20 07:28:04	Name: uuid2 Value: 6007279350515158428
.adnxs.com/	1970-01-20 07:28:04	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E>6nX)Ws!]tbPl@/@8$-^=$Uf]^jZgv!0ZkB`V[5]b=FV./l@.b-W@-$9vGTCb>Hs6)9C^6ms[FxWYZS5H.2hK>3If)y3KL9D3I?dYeC[B
d.adroll.com/	1970-01-20 14:47:16	Name: __adroll Value: 826bb7fe9250c6befcda11c03cbae8f0-g_1660708966-a_1660708961
.adroll.com/	1970-01-20 14:47:16	Name: __adroll_shared Value: 826bb7fe9250c6befcda11c03cbae8f0-g_1660708966-a_1660708961
.outbrain.com/	1970-01-20 07:28:04	Name: obuid Value: 5381666e-8c41-44fa-9c05-a7bf10c08a7e
.bidswitch.net/	1970-01-20 14:04:04	Name: tuuid Value: 86aa9763-70f8-4206-85bf-2518e620f9d3
.bidswitch.net/	1970-01-20 14:04:04	Name: c Value: 1660708966
.bidswitch.net/	1970-01-20 14:04:04	Name: tuuid_lu Value: 1660708966
.fraud.net/	1970-01-20 09:37:40	Name: __hstc Value: 57037109.ecbcc088e5be55d62b4fca3d0f095a35.1660708966601.1660708966601.1660708966601.1
.fraud.net/	1970-01-20 09:37:40	Name: hubspotutk Value: ecbcc088e5be55d62b4fca3d0f095a35
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 05:18:30	Name: __hssc Value: 57037109.1.1660708966601
.fraud.net/	1970-01-20 05:19:55	Name: _clsk Value: o3ju1r\|1660708966615\|1\|1\|h.clarity.ms/collect
.c.bing.com/	1970-01-20 14:40:04	Name: SRM_B Value: 151F3D787F726C6018E52F7B7E196D4F
.hubspot.com/	1970-01-20 05:18:30	Name: __cf_bm Value: 6WAnUFIHxlxtSMRuwYwko2HftcqAzwsoUO.dDmEXZzA-1660708966-0-AeekTLNWMJ+df1OPhKlUPrRoYX0jsRUtsoC7pZXMRm7NZcFFueYimC9n3uz079hsc4PFsa34juC8mF8cB72vZ1A=
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:40:04	Name: MUID Value: 151F3D787F726C6018E52F7B7E196D4F
.c.clarity.ms/	1970-01-20 05:18:29	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 348) Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149360532.v2.pressablecdn.com
aorta.clickagy.com
app.convolo.ai
bat.bing.com
c.bing.com
c.clarity.ms
cdn-asset.optimonk.com
cdn-renderer.optimonk.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
f.vimeocdn.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
fraud.net
fraudnet.tellwise.com
fresnel.vimeocdn.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
h.clarity.ms
i.vimeocdn.com
ib.adnxs.com
image2.pubmatic.com
in.hotjar.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
media.fraud.net
perf.hsforms.com
pixel.rubiconproject.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.hotjar.com
secure.gaug.es
snap.licdn.com
stags.bluekai.com
static.hotjar.com
sync.outbrain.com
sync.taboola.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
vimeo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
104.111.215.191
104.18.19.126
13.107.42.14
13.224.189.10
13.224.189.42
13.225.78.14
134.122.57.141
141.226.228.48
142.250.181.226
142.250.184.194
143.244.60.109
162.159.128.61
162.159.138.60
167.99.251.246
18.66.112.78
185.64.190.80
185.89.210.46
192.0.77.39
199.16.173.27
199.232.18.109
20.234.93.27
2600:9000:225e:e200:6:9280:1080:93a1
2606:4700:4400::ac40:9421
2606:4700:4400::ac40:9a55
2606:4700::6810:5905
2606:4700::6810:a852
2606:4700::6811:43b0
2606:4700::6811:81ab
2606:4700::6811:b949
2606:4700::6811:d5cc
2606:4700::6811:eacc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:27::cafe:1644
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.221.212.10
34.117.177.207
34.120.202.204
34.255.240.59
35.168.171.75
35.211.178.172
35.244.159.8
52.0.155.81
52.22.228.39
52.224.31.34
52.45.33.138
69.173.144.138
70.42.32.95
76.223.111.18
013146e63780a2ffbb256ddbd12639cbec6e681521c7ff9a8648aef2e240be2d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0703ef4d375678479a78546fe452449015ebe54242902618b0dffc22b7a9c2cd
07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f
08b9991355a59cbe731df122dbfc797164225298732e7e134da537f66f59ce21
09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c
0b94bede2650cab53ab4993aa247e12944317add295da23ac72894a20ec0b448
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669
0e900f777bb9ca536729d81c6528075fbc93fc32d66b6c96af1e603ade07487c
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c85464e36a5a50ebea49c7f504ac09ff34c0aadfd64651cd38969b243be86e
14f0ea3269a0f3c1d42320426a7bd85b4b75e33424519be14cc2f91588a1456e
190cd3163a94f7669989c575433e11e7736b098f3fb43bee2b48c5f91da5c35b
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ea5240acc94d894c39db98a912bb6e5d95f74e455d2c5331b03de28368a4696
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b8796450829f024ec8c299aaa4d502d1521c7686d593229eaf45cb89fb911a
26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c
27b17912f26a835905e48a68a6e31bf38fd010393ac25c9c96f5a6833ffd1034
27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d
2989d2b31a33f5d290eea039934266f9608d4de8badef286e6c83e824613c341
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9
311155848f139434f381609d16d22263ee87846711e3d1969df1b28efc2918af
32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
366fd9f44506a7288ce733303179150a1ac6b2838d27b94cb7f0094caabc8e2e
395e0d795b0d7029e3d9826fc8405711b67e1beccbc565798a717bd36d958279
3ad37ad7e9114460877b15e6b010ec28893d002495190460e8762c11ec3e0257
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824
3effa5429ad880eda7a2f410aabc03355ab50bda56390019c0e4577f1b5a00da
40afae4487d00e3a8c80387f53bef652660d09d0233fe5c02d0ff524ba78c154
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2
44d949ed99fb4895254e9b655291be8096ea66b282d5ab549062b908892f149a
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4
48bc6b1a087c19973fa3e8cdc562aa528f36d19b0cc463c0dfb3d248dc3ee39a
49392984008451601dccb79bc1bb29c6430ee8a22999fc62fe801a64765e5351
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e41610204ac609bd419f80a40413771b11df011863735a9bdd84f5d51c7c095
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
501ab143a27f4ed4f4643992ba3bc5bd7195ee2a924bd535dcf3955d8a3b01b7
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8fec3c4a16262ecaa3bb9de610f13ba27c1ae1699af37faa43a6cd1ebcc52d
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
622f0c7e5a45a3acbec3e95c26851d305216d5bfb653a4736d524c7052ee8334
627518f1392c7e6896ea558f65692a231ba2514bc582906979bf92c3b6ac3842
62d89588588a8dfb2b6db5704f2ef856c5435ff2d32c4dda09cbf6a50eac0a5e
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
708eda67c33efe4faab84ee6f81f69d28c38d7584c8716b2dc16a049d133c7bf
7093dde68531ffd1c144d2a49659581bd9682603d08896674bcddbe3d8a3dec3
70e1167580f8ff73e8b5b68d837e09a675216ab29f0bc81931b1ca8c8b0a9a58
71e71947e14e056db8dfe955894ca7ae88b0dbe55dad48c6b9270de946b2ecb8
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
7945295e2b03b709fd6de186d19585dd6556c9e6cd5515c67a0a375a6db0478e
7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8
7abb0124102db457ae0532f28c0aac7bb4a3278566e9a14fa1e2fec99ff448dc
7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a
7c6cd85ee4d226f9ccf8d165ec9d44bbed7b3872a007c95567639345f0d511dc
7d2a4231aa46e69d74fb35ee1728effcc4cbaf4e033b266c5762a73c4dc1636b
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8726fbb5c4e2bf86f89f28d16c5493387a186d95024f0e81b0547d1421807960
89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8e80d936b0262843af36ac6addc5e4177c009d7df8f2c2346572f56c9b448475
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
8f770ca748fdcecde5049fa6b6780bd8092ce089172d17e5e415349f01c237b0
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
90949c6a5f0949e8f6931420f8523cb1c32ed3058e2e330710bfebd06e4122da
924573d57883f97e7634866b0c9156c27f5a4a6bf46c06031939ff0cac612e8b
925a31b46531c0d37d8dc5de183680ca11ba4e1bc842d98c8aff2e34fe3bc8ce
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
9ff962fdd1bce968cb80b0fbc490d734c8183b952c03db1f6a3639a4a55d7c71
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
ab5512fdf7a0215065c5685399aeb89191d34c6ca1c87bb11bc5b74bda3034f6
ae0adb5e613ce8d3ee0b6ae2d50da24580f937cbfffa008ecf48ca7341e6f01b
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b056c4c9b626bc8df12280aa2126c54cb0c7c28938132848d462f7644375e478
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33deed37e74f16cf17b9164d63a89f7966b78e3ed76b2fdcf0248eb60f0b858
b4096271ec3d77e483fe55f2b473f7c37f849c2701c45f4d83685a5ef66c0f95
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
ba7b82d9d16ac950df1afaa1e10d1abcc431ec28da55a60c4fce1ff179cd1f43
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca8f4dbd438e1cd09c1cc3566b135ec77fc1a553c180057e5e71b832c50cb036
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
d204f93733c912ed547bb2cb358c3eb14cdb8431717c100cfc272d141e889f08
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d4555c4f27e758749d0ae9eba2d5bd6bfce212a45d83cd2b2fb17625db6c105b
d7c47aad3758a6edf49d3743afe36facd814d753e50d2991d60c2d644990a44b
d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e
d917f30fbde14db0d04a5d354166e181e30a9096350b782bc4ebf192d7348070
d9a6f4a28cec3f1b3fe558597c156631fcb53a724367400d84b856347cf2fd0f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
def51ec9325e5b277921ce5e60f749a2efa12430fa2b8213e0c86d995e7083f7
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
df9dc946e952b0593ded524e37c408a817724e3017c63d2c75566e10fac5ecdb
dfa7e58767024c50ef0fa632e01eba77015cbd603b0692ab483e8270c37b7745
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e2a15aea407608171d7de61ae39a04e98e57280800688cc05b54c82006d8cdb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe
ea7f3980529b89910d44c60942deaeb876f8228cd7a71dbf768c72f382b54917
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f09f0c1a5fd0d77e0994510c6da3333639007945db3179a304cf5406b991d016
f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fec978c0a4d98ce499aec165c8b4f638938b75782fc62d7ae3edd6a53f208a1f
fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

fraud.net Open in urlscan Pro 199.16.173.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

92 %HTTPS

41 %IPv6

44 Domains

66 Subdomains

56 IPs

7 Countries

5341 kBTransfer

11463 kBSize

70 Cookies

5 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fraud.net Open in urlscan Pro
199.16.173.27 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

92 %
HTTPS

41 %
IPv6

44
Domains

66
Subdomains

56
IPs

7
Countries

5341 kB
Transfer

11463 kB
Size

70
Cookies

200 HTTP transactions
4 data transactions