fraud.net Open in urlscan Pro
199.16.173.27  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE3NDM5MjkzNDQ4NzQ5fQ HTTP 302
   http://fraud.net/ HTTP 301
   https://fraud.net/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1661407912331%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIw4zvWKovJ9AAAAYLToPBjU86lydKtnxolFVSZxlNRZHmRjjpCSZiMzYAwjDDo13Kreqg8

Request Chain 101

• https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 102

• https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 118

• https://aorta.clickagy.com/pixel.gif?ch=278&cm=678a03a7664e090c105d8b2cb841d7fce4629060bb8ec4fffd017e52e7bbdeb1 HTTP 302
• https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzpkMmMyMzg1YjY1ZjNlM2I1ZWNjMzg3MzU5ZWY1NGQxMg HTTP 302
• https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEMW_MH72zpXhaN7V-_bUtFo&google_cver=1 HTTP 302
• https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= HTTP 302
• https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D

Request Chain 141

• https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=55512049575.952545&cookie=&adroll_s_ref=&keyw= HTTP 302
• https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 159

• https://d.adroll.com/cm/index/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916&C=1

Request Chain 160

• https://d.adroll.com/cm/n/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expires=365

Request Chain 161

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ

Request Chain 162

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 163

• https://d.adroll.com/cm/taboola/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ

Request Chain 164

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&dongle=c85e

Request Chain 165

• https://d.adroll.com/cm/r/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 166

• https://d.adroll.com/cm/b/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ

Request Chain 167

• https://d.adroll.com/cm/x/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ

Request Chain 169

• https://d.adroll.com/cm/o/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=6964576e227e255295e24b0efaf9445d&gdpr=1&gdpr_consent=

Request Chain 170

• https://d.adroll.com/cm/g/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=aWRXbiJ-JVKV4ksO-vlEXQ HTTP 302
• https://d.adroll.com/cm/g/in

Request Chain 194

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&RedC=c.clarity.ms&MXFR=1ACCA88EF9AD6B5A27D1BA85FDAD654A HTTP 302
• https://c.clarity.ms/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&MUID=1C2301AC7C916B8C194B13A77DE06A61

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fraud.net/ Redirect Chain https://fraudnet.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTA4NDUyNDE2Mzk3ODIyOCwiSW52aXRhdGlvbklkIjoxMTE3NDM5MjkzNDQ4NzQ5fQ http://fraud.net/ https://fraud.net/	155 KB 25 KB	1168ms 1146ms	Document text/html	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e876aa9b6e24a210f60fbed9875e6279f462acc24490691f978a947b06e44244 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials false content-encoding br content-type text/html; charset=UTF-8 date Thu, 25 Aug 2022 06:11:54 GMT host-header Pressable link <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000 vary Accept-Encoding Cookie x-ac 2.hhn _atomic_ams x-frame-options SAMEORIGIN x-xss-protection 1; mode=block Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Thu, 25 Aug 2022 06:11:53 GMT Location https://fraud.net/ Server nginx X-ac 1.hhn _atomic_ams
GET H2	200	1661264084-cssff82264811ee29f5a4261ccae8ec30b852a82d9850cd07102d9d31abadbf4.css fraud.net/wp-content/cache/fvm/min/	87 KB 12 KB	123ms 113ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-cssff82264811ee29f5a4261ccae8ec30b852a82d9850cd07102d9d31abadbf4.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 8cd3d7cc62598ff22614f6f81f4f767b5dd14a391483229bee7e4f711e8ca24b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-15bb9" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css fraud.net/wp-content/cache/fvm/min/	5 KB 658 B	121ms 109ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9d34f8298081a69955b3ba36ea4d91830fe792c51176903d7264fde514110256 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-142d" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css0cea05994268f5cf3a543462546f87bf1b2782e59a31f13d18645885a0da1.css fraud.net/wp-content/cache/fvm/min/	7 KB 1 KB	117ms 107ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css0cea05994268f5cf3a543462546f87bf1b2782e59a31f13d18645885a0da1.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 924573d57883f97e7634866b0c9156c27f5a4a6bf46c06031939ff0cac612e8b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-1d02" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-cssd59be971c65a1a7689ac18d7faecdf8b5e4d49904b72ee94abf2dc8bdd075.css fraud.net/wp-content/cache/fvm/min/	7 KB 1017 B	118ms 108ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-cssd59be971c65a1a7689ac18d7faecdf8b5e4d49904b72ee94abf2dc8bdd075.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9ff962fdd1bce968cb80b0fbc490d734c8183b952c03db1f6a3639a4a55d7c71 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-1c98" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css fraud.net/wp-content/cache/fvm/min/	16 KB 3 KB	214ms 205ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-csse4fc62df10e0eab8419c68deea7922c614466483a077098ed1e29b4e26d20.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 70e1167580f8ff73e8b5b68d837e09a675216ab29f0bc81931b1ca8c8b0a9a58 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-414f" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css fraud.net/wp-content/cache/fvm/min/	4 KB 921 B	117ms 109ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css23b10c7e6f7a47ea03ba6b43a637a787fd9949302ababed4d102392f6c82d.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 3effa5429ad880eda7a2f410aabc03355ab50bda56390019c0e4577f1b5a00da Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:06 GMT server nginx etag W/"6304e0ea-113c" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css fraud.net/wp-content/cache/fvm/min/	492 KB 70 KB	135ms 127ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css3faec774ec9f2a220435dd94f8ca21dd95601cf3de8594af4a65c204e457d.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 44d949ed99fb4895254e9b655291be8096ea66b282d5ab549062b908892f149a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:08 GMT server nginx etag W/"6304e0ec-7aeba" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css fraud.net/wp-content/cache/fvm/min/	60 KB 12 KB	119ms 112ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 53980dec65aa0766875e758fdee2d1cacca5635158a40638afafde8bcb9c8e7e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:08 GMT server nginx etag W/"6304e0ec-f0cf" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css fraud.net/wp-content/cache/fvm/min/	246 KB 24 KB	124ms 117ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css92059d3865e39cf335f76530b61fd438558e905633300c7187686d7981407.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e2a15aea407608171d7de61ae39a04e98e57280800688cc05b54c82006d8cdb8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:09 GMT server nginx etag W/"6304e0ed-3d991" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	1661264084-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css fraud.net/wp-content/cache/fvm/min/	16 KB 5 KB	117ms 110ms	Stylesheet text/css	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/cache/fvm/min/1661264084-css9e78681b70099089665ad9bd57f6d63d65767f468a15cf1c7ee2ef0226f24.css Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash fec978c0a4d98ce499aec165c8b4f638938b75782fc62d7ae3edd6a53f208a1f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 23 Aug 2022 14:15:09 GMT server nginx etag W/"6304e0ed-4102" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	jquery.min.js Show response 149360532.v2.pressablecdn.com/wp-includes/js/jquery/	87 KB 31 KB	35ms 6ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:54 GMT content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-migrate.min.js Show response 149360532.v2.pressablecdn.com/wp-includes/js/jquery/	11 KB 4 KB	35ms 7ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:54 GMT content-encoding br last-modified Wed, 18 Nov 2020 09:06:06 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ai-uncode.min.js Show response fraud.net/wp-content/themes/uncode/library/js/	4 KB 1 KB	119ms 114ms	Script application/javascript	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 28 Mar 2022 09:12:47 GMT server nginx etag W/"62417c0f-e27" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Thu, 25 Aug 2022 06:11:54 GMT x-ac 2.hhn _atomic_ams expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	init.min.js Show response 149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/	114 KB 25 KB	34ms 7ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4e41610204ac609bd419f80a40413771b11df011863735a9bdd84f5d51c7c095 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:54 GMT content-encoding br last-modified Mon, 28 Mar 2022 09:12:56 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical" expires Thu, 01 Sep 2022 06:11:54 GMT
GET H2	200	fnlogo-e1559250900846.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/	5 KB 5 KB	24ms 15ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Thu, 26 Sep 2019 10:46:54 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical" content-length 4859 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	fnlogo-white.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/	2 KB 2 KB	24ms 15ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Thu, 26 Sep 2019 10:52:24 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical" content-length 2249 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	1280px-Gartner_logo.svg.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	3 KB 3 KB	24ms 15ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:20 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png>; rel="canonical" content-length 2561 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Arvato_Logo_2016.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	4 KB 4 KB	24ms 16ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:22 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical" content-length 3779 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	download-uai-258x74.jpeg 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	8 KB 8 KB	25ms 16ms	Image image/jpeg	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/jpeg cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical" content-length 8164 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	icba-logo-blue-uai-258x116.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	25ms 16ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical" content-length 7262 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	1200px-AmazonWebservices_Logo.svg.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	4 KB 4 KB	25ms 17ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:29 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical" content-length 4152 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	microsoft_PNG4.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	3 KB 3 KB	25ms 17ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:26 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical" content-length 2756 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	4 KB 4 KB	25ms 17ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical" content-length 4235 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H/1.1	200 OK	player.js Show response player.vimeo.com/api/	20 KB 7 KB	63ms 38ms	Script application/javascript	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/api/player.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-varnish-cache 1 Date Thu, 25 Aug 2022 06:11:54 GMT content-encoding gzip x-content-type-options nosniff CF-Cache-Status DYNAMIC Age 670 X-Cache HIT p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" x-host player-f46789f8c-k255x Connection keep-alive x-vserver playproxy-rollout-prod-varnish-0 Content-Length 6136 x-xss-protection 1; mode=block X-Served-By cache-fra19164-FRA X-Player-Backend p Server cloudflare X-Timer S1661407915.967102,VS0,VE0 x-backend-proxy playproxy1 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload Content-Type application/javascript;charset=utf-8 via 1.1 varnish, 1.1 varnish expires Thu, 25 Aug 2022 06:22:49 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server player-f46789f8c-k255x content-security-policy default-src 'none'; style-src 'unsafe-inline' Accept-Ranges bytes CF-RAY 74022c4c5c0d9064-FRA access-control-allow-origin * X-Cache-Hits 509
GET H2	200	Infographic_ApplicationAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	25ms 17ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:05 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical" content-length 6704 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Infographic_TransactionAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	8 KB 8 KB	25ms 18ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:54 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical" content-length 7756 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Infographic_LoginAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	26ms 18ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:52 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical" content-length 7114 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Infographic_AccountAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	26ms 18ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:49 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical" content-length 7022 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Infographic_DeviceAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	26ms 19ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:47 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical" content-length 6746 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Infographic_EmailAi.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	7 KB 7 KB	26ms 19ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:45 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical" content-length 7027 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Computer-Appstore-e1628881087778-uai-258x160.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	20 KB 20 KB	26ms 19ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:12 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical" content-length 20075 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	internet-of-things.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	4 KB 4 KB	26ms 19ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:52 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical" content-length 4067 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	money-making.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	3 KB 4 KB	26ms 20ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:59 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical" content-length 3493 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	growth.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	2 KB 2 KB	26ms 20ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:16:01 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical" content-length 1789 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	secure.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	3 KB 3 KB	27ms 20ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:16:05 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical" content-length 3029 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Group-370.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	385 B 520 B	27ms 21ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Mon, 13 Sep 2021 15:45:26 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical" content-length 385 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	200 KB 72 KB	145ms 54ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 15bb75da43b51b2890cc2bd4731021791644ac0e6667ae90b367ac1e82683326 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 73260 x-xss-protection 0 expires Thu, 25 Aug 2022 06:11:55 GMT
GET H2	200	featuredcustomers_logo_stars-e1646751392635.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/	10 KB 10 KB	27ms 21ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Tue, 08 Mar 2022 14:56:32 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical" content-length 10025 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Juniper_award-uai-258x172.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/	37 KB 38 KB	27ms 21ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Mon, 07 Mar 2022 22:40:58 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical" content-length 38348 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Group-448.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	3 KB 3 KB	27ms 22ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:13:52 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical" content-length 3105 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Capterra_stars.jpg 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/	9 KB 9 KB	28ms 22ms	Image image/jpeg	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Wed, 20 Nov 2019 21:35:31 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical" content-length 9072 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	MicrosoftTeams-image-e1646750843390-uai-258x122.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	17 KB 17 KB	28ms 23ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 08 Mar 2022 14:47:54 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical" content-length 17007 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	g2-new2.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/	2 KB 3 KB	28ms 23ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Mon, 07 Mar 2022 23:10:02 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical" content-length 2471 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	accenture_new.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/	3 KB 3 KB	28ms 23ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 08 Mar 2022 14:46:15 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical" content-length 3109 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	v2.js Show response js.hsforms.net/forms/	585 KB 147 KB	57ms 30ms	Script application/javascript	2606:4700::6811:b749 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f26b5633d0577a58588a9c912e7a04badd4df1667411df0266516dedb2a3b7e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:54 GMT via 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 162 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cache-tag staticjsapp-FormsNext-web-prod,staticjsapp-prod content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 26 Jul 2022 10:57:52 UTC server cloudflare etag W/"8cfc2a51250daf33edd2e1dda3f1654b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzcrltkDpQR6wPE9P2LqtqF5s6x8zd9zDFXUw3IohvRhX5DWlRc2W39xHHdPwKtI0eBNJYRpdtJ%2BPxjWXkqiLDFKWNYMvrW4DEv%2FMyLUitnTTyaipvWmPINHtfaN28zjdiXQE0hIucSU9ls1"}],"group":"cf-nel","max_age":604800} x-amz-version-id elWqSweed2C2dWtDipd3d9hhUaqI4uV. access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-hs-cache-status HIT x-amz-cf-pop IAD89-P1 cf-ray 74022c4c984a9b58-FRA x-amz-cf-id 99AIpaSCMXtdLrE8U_vOMkI3Ys56xoTrFeK7MHAF921aAdgcM53QGA== x-hs-target-asset FormsNext/static-5.519/bundles/project_with_deps.js
GET H2	200	tooltipster.bundle.min.js Show response 149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/	39 KB 11 KB	17ms 6ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 09 Mar 2020 08:30:56 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tooltips.js Show response 149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/	1 KB 763 B	17ms 6ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 09 Mar 2020 08:30:56 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical" expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	js-cookie.min.js Show response 149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/	3 KB 1 KB	17ms 6ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 20 Dec 2021 14:32:06 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	uncode-privacy-public.min.js Show response 149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/	4 KB 1 KB	17ms 7ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.1 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 3ecaf7a3e204b75b122c215abe539ee5e93a5e25fff818a5916760d6f03ea824 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 20 Dec 2021 14:32:06 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mediaelement-and-player.min.js Show response 149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/	154 KB 38 KB	18ms 8ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Tue, 29 Sep 2020 15:53:06 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mediaelement-migrate.min.js Show response 149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/	1 KB 646 B	18ms 8ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=ed8084b5c2480ca4d2847bf27aacb4f7 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Fri, 08 Apr 2022 20:07:18 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	wp-mediaelement.min.js Show response 149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/	906 B 568 B	18ms 8ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=ed8084b5c2480ca4d2847bf27aacb4f7 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Wed, 20 Jan 2021 13:35:18 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-includes/js/mediaelement/wp-mediaelement.min.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	plugins.min.js Show response 149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/	578 KB 160 KB	18ms 9ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 28 Mar 2022 09:12:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical" expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	app.min.js Show response 149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/	178 KB 40 KB	18ms 9ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b33deed37e74f16cf17b9164d63a89f7966b78e3ed76b2fdcf0248eb60f0b858 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 28 Mar 2022 09:12:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-ac 2.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical" expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	main.js Show response 149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/	1 KB 605 B	18ms 9ms	Script application/javascript	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.17.0 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br last-modified Mon, 28 Mar 2022 09:12:56 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-ac 1.hhn _atomic_ams strict-transport-security max-age=15552000 link <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical" expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	34 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	34 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff fonts.gstatic.com/s/opensans/v34/	69 KB 69 KB	166ms 79ms	Font font/woff	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4k.woff Requested by Host: fraud.net URL: https://fraud.net/wp-content/cache/fvm/min/1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ad9899b9c9fc6e95046a3e2ba2ff4a9ef9cd9aac86eb2dfb15835befa2a5a1e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 00:02:06 GMT x-content-type-options nosniff age 194989 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70724 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:11:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 00:02:06 GMT
GET H2	200	uncode-icons.woff 149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/	373 KB 374 KB	37ms 6ms	Font application/font-woff	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff Requested by Host: fraud.net URL: https://fraud.net/wp-content/cache/fvm/min/1661264084-css3038bff3483d88b1e21cc21310a27b2153d5b8c53fedd9aeb7460d1fbd718.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 59b76a96d782cd0b78b23230e7c44d1773aa8166e3985c96affec9026437aec9 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 1 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Mon, 28 Mar 2022 09:12:47 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff>; rel="canonical" content-length 382184 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff fonts.gstatic.com/s/opensans/v34/	69 KB 70 KB	113ms 38ms	Font font/woff	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff Requested by Host: fraud.net URL: https://fraud.net/wp-content/cache/fvm/min/1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17d899f5cfdbf624b2a124d0b2b8404e331424ece648c5c5c0e7b3d03ccc6a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 19:07:49 GMT x-content-type-options nosniff age 212646 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:12:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 22 Aug 2023 19:07:49 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	280 B 422 B	742ms 741ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b3aa1b1cef12f348a783027f2276fe94eeb537a47a183a2a81cc391dddb23fe9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:55 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	MicrosoftTeams-image-2-2-uai-258x110.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	32 KB 32 KB	7ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical" content-length 32700 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff fonts.gstatic.com/s/opensans/v34/	69 KB 69 KB	149ms 141ms	Font font/woff	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4k.woff Requested by Host: fraud.net URL: https://fraud.net/wp-content/cache/fvm/min/1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 079d4b87e1e628fc0b7c55b6235505f32dd741cc5bd81520eacd150d3b89d3fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 00:59:59 GMT x-content-type-options nosniff age 191516 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70568 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:12:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 00:59:59 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	2 KB 465 B	815ms 815ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash bb5126f6e6f8a6e71a925dbdeda433b97ea7668649ecd9a1772cf2997d1544e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:55 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff fonts.gstatic.com/s/opensans/v34/	67 KB 67 KB	95ms 95ms	Font font/woff	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4k.woff Requested by Host: fraud.net URL: https://fraud.net/wp-content/cache/fvm/min/1661264084-css8c72dae05514e89988af6d08b5f840e573a18d8f01c21b798c83084958180.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87eac34942c2940c12cc806fdb812efdf2c2f357c37984ad2c24258ccf806b87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 20:02:26 GMT x-content-type-options nosniff age 209369 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 68728 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:16:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 22 Aug 2023 20:02:26 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	266 B 256 B	843ms 843ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 22dbb26a1cf97123c235ccd09506b214ca0fbfa9b018401338e6f9ccc231d83e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	Group-2851-uai-258x81.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	14 KB 14 KB	7ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical" content-length 14086 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H/1.1	200 OK	235637953 Show response player.vimeo.com/video/ Frame 55E7	16 KB 9 KB	259ms 259ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/235637953? Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c29e9f61df089312c19912016587e4e056059930e1cfd4283321916a1c3a3259 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 74022c4e0e149064-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 25 Aug 2022 06:11:55 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-fra19158-FRA X-Timer S1661407915.220863,VS0,VE240 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://* expires Thu, 25 Aug 2022 06:21:55 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy6 x-bapp-server player-f46789f8c-wr28d x-content-type-options nosniff x-host player-f46789f8c-wr28d x-varnish-cache 0 x-vserver playproxy-rollout-prod-varnish-5 x-xss-protection 1; mode=block
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	1 KB 362 B	771ms 771ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a6e61ff9d721df69fd75e4d5c708f0aad48b4336a222d682c28aac03900feb1d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	266 B 233 B	818ms 817ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e431a461322e773b99ca69a18a383bae923208aa4190414bf50baa33b842adea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	Group-2859-uai-258x34.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	5 KB 5 KB	6ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical" content-length 5270 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	Group-2858-uai-258x306.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	139 KB 139 KB	7ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:11 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical" content-length 142152 expires Thu, 01 Sep 2022 06:11:55 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	265 B 238 B	779ms 779ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 48c54ccf2a66c1dd2183131745b1b9531a42608d0d9564f9d137850d29177912 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	296 B 261 B	810ms 809ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 48d2519f4ed9cdc36acc3d0420fd97dbbfd65d4ab2b84e9710511c4cf0e58e70 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/	112 KB 43 KB	134ms 52ms	Script application/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-PGJR3MN Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4cc4df4bbfbe198100686b960b071c1ae74b076e5eb0ce5a3cdc79a719bf1ccd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43507 x-xss-protection 0 expires Thu, 25 Aug 2022 06:11:55 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 16 KB	126ms 44ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 25 Aug 2022 06:11:55 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	33ms 7ms	Script application/x-javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 20:23:36 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=26186 accept-ranges bytes content-length 3063
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	60ms 31ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Thu, 28 Jul 2022 17:32:37 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F22AB1AD41724C50871DBCAE4E42E646 Ref B: FRAEDGE1107 Ref C: 2022-08-25T06:11:55Z etag "80a8697a8a2d81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 date Thu, 25 Aug 2022 06:11:54 GMT accept-ranges bytes content-length 11367
GET H2	200	hotjar-2001329.js Show response static.hotjar.com/c/	7 KB 3 KB	80ms 40ms	Script application/javascript	13.225.78.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2001329.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-69.fra2.r.cloudfront.net Software / Resource Hash 4d49e2dad638a8966865ed4974181cf19a6e104b53b1a140c6dedb81a760abb7 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop FRA2-C2 etag W/494cedfbaf73b3731af9e60d23377029 strict-transport-security max-age=86400; includeSubDomains x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin vary Accept-Encoding x-amz-cf-id ExdSmUHG5vxum7XnpOolGZPdcn6bixGVzv4R64NJd7mw4XAtS4k00w== via 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	53 KB 17 KB	48ms 8ms	Script text/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9181a03603cfaf01c933ac067555d138f639b0690298048063c443e6752c310e Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id _.fWzOgNBKywYayFIv_LGuPbUJBSF7So Content-Encoding gzip Etag W/"8c6ba7a787d20ac5a07294ecb85ab053" Age 624 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) Last-Modified Wed, 17 Aug 2022 18:56:53 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:02:54 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id ZlMY5rcQBd1IMKODpnAdP-VhJhIWypBPLL7acUOpjgYFb72NrqAy2w==
GET H2	200	2113031.js Show response js.hs-scripts.com/	2 KB 989 B	157ms 124ms	Script application/javascript	2606:4700::6811:d6cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/2113031.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 442d465aef21fe4aefaf1e478aea6323d6fc7aae5f9c3610e6b383a57ff02b68 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br vary Accept-Encoding cf-cache-status EXPIRED x-hubspot-correlation-id 4a0ba5a8-3d16-4ce0-b66f-c6fd9c530548 last-modified Wed, 24 Aug 2022 14:22:14 GMT server cloudflare x-trace 2B71B107CB6A718CB895DE5453B20ADE5B6813C3D8000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://fraud.net cache-control public, max-age=60 access-control-allow-credentials true cf-ray 74022c4f4ef19025-FRA expires Thu, 25 Aug 2022 06:12:55 GMT
GET H2	200	analytics.js Show response media.fraud.net/shield/js/v1/	98 KB 30 KB	44ms 10ms	Script application/javascript	13.224.189.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://media.fraud.net/shield/js/v1/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-47.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:10:28 GMT content-encoding gzip last-modified Thu, 28 Feb 2019 18:42:24 GMT server AmazonS3 age 98 etag "7479109d61e7cc42fa7496c3a2a11d5e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) cache-control max-age=300, no-transform, public x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 30572 x-amz-cf-id 1QFDQln6nixI_s7TIemiqnbIfj267wljiLzBos93pP0cnhYXmm-yNA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	100 KB 27 KB	25ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26535 x-xss-protection 0 pragma public x-fb-debug GJ+ip4jDMfZuucOyyV1LUXopQ0bl5Bzx1NLmiITfgstb75Tjp0fB4Tdu646g7n9L29uEVrS7FmbEwtOkyOJ+OQ== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 06:11:55 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661407912049 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	60e76b46e4c4e9001293ca88 Show response ws.zoominfo.com/pixel/	3 KB 2 KB	189ms 155ms	Script text/javascript	2606:4700::6810:a852 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1c32a76a432a8495939727d5b39099402a40346e9331c14e987e15b3b35d7f47 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 74022c4f4a7e927f-FRA access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type via 1.1 google
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	266 B 232 B	875ms 874ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash da1111f3cd48edcd323e1203dacc575861f96ba915d07485893a65509f634852 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	266 B 233 B	784ms 783ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d71c7fc6e46c7803a7e9bacfe1165fdedce658c26950220df967885f467f822f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Group-2854-uai-258x74.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	21 KB 21 KB	7ms 7ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:12 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical" content-length 21518 expires Thu, 01 Sep 2022 06:11:55 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	2 KB 489 B	775ms 775ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 35c436626ebd0171706ea264784d17f5f243c97b595da099e326ce18b0fed748 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	Group-2851@2x-uai-258x81.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	14 KB 14 KB	7ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:09:12 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical" content-length 14643 expires Thu, 01 Sep 2022 06:11:55 GMT
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	282 B 244 B	757ms 756ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 8f4e6c514391cf23118b7208f8d035deda8c80925c6cbd25bb8456289f3ca698 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/	7 KB 7 KB	6ms 6ms	Image image/jpeg	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:08:55 GMT server nginx strict-transport-security max-age=15552000 content-type image/jpeg cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical" content-length 7103 expires Thu, 01 Sep 2022 06:11:55 GMT
OPTIONS H2	200	json forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ Frame	0 0	161ms 130ms	Preflight text/plain	2606:4700::6810:5505 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://fraud.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers x-requested-with access-control-allow-methods OPTIONS, GET access-control-allow-origin https://fraud.net access-control-expose-headers X-Origin-Hublet access-control-max-age 180 allow HEAD,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0, no-cache, no-store cf-cache-status DYNAMIC cf-ray 74022c4fdafc9b7d-FRA content-length 18 content-type text/plain; charset=utf-8 date Thu, 25 Aug 2022 06:11:55 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-hubspot-correlation-id 125df33d-268a-4eef-9903-ce54653dfdfc x-robots-tag none x-trace 2BAFFC0E64AF7D3B2F8138714D058E015BF8F9AEDD000000000000000000
GET H3	200	json Show response forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/	5 KB 2 KB	154ms 135ms	XHR application/json	2606:4700::6810:5505 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hutk= Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eb4ece3f4b8a7987a28a43981258ed2b34a3cb886e66ff1be26888e08eb33e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/javascript Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-origin-hublet na1 date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC x-hubspot-correlation-id 0cc2935b-553c-49a8-a081-285894e5b447 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-robots-tag none server cloudflare x-trace 2B3F2F9D9C0F4AEDB3AD5698398037DCB9D6A8FB2E000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://fraud.net access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false cf-ray 74022c50ce42bb4a-FRA access-control-allow-headers *
POST H2	200	admin-ajax.php Show response fraud.net/wp-admin/	296 B 253 B	836ms 836ms	XHR application/json	199.16.173.27 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://fraud.net/wp-admin/admin-ajax.php Requested by Host: 149360532.v2.pressablecdn.com URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.16.173.27 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash aec7103174f417cd268c7c27dfbbcf6c5f1f58d3263dd86bd39b1b5899379132 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://fraud.net/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers strict-transport-security max-age=31536000 content-encoding br x-content-type-options nosniff host-header Pressable referrer-policy strict-origin-when-cross-origin server nginx x-frame-options SAMEORIGIN date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin https://fraud.net cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams x-robots-tag noindex expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1661407912331%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26liSync... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIw4zvWKovJ9AAAAYLToPBjU86lydKtnxolFVSZxlNRZHmRjjpCSZiMzYAwjDDo13Kreqg8	0 264 B	226ms 183ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIw4zvWKovJ9AAAAYLToPBjU86lydKtnxolFVSZxlNRZHmRjjpCSZiMzYAwjDDo13Kreqg8 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 9608BF42930E4C5998C8FBDDE54F8535 Ref B: FRAEDGE1115 Ref C: 2022-08-25T06:11:56Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXnCqywsdmqFl1653tY5g== x-li-fabric prod-lor1 Redirect headers date Thu, 25 Aug 2022 06:11:56 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 61E3BCB9D5054E6E90F6D5ED47F8ABBF Ref B: FRAEDGE1311 Ref C: 2022-08-25T06:11:56Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1661407912331&url=https%3A%2F%2Ffraud.net%2F&liSync=true&e_ipv6=AQIw4zvWKovJ9AAAAYLToPBjU86lydKtnxolFVSZxlNRZHmRjjpCSZiMzYAwjDDo13Kreqg8 x-li-proto http/2 content-length 0 x-li-uuid AAXnCqyqd8cP6XakOpe1QA==
GET H3	200	1567786626743241 Show response connect.facebook.net/signals/config/	292 KB 84 KB	57ms 47ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1567786626743241?v=2.9.77&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0e900f777bb9ca536729d81c6528075fbc93fc32d66b6c96af1e603ade07487c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 4D7e2GrtPbv3LxjxhdKbcB8TqUWdAVPbgD6hTshSVqmyJoQukSQO8j1xuksyJbEqhHshr1IpUFUM8OIIhqjPng== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 06:11:55 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661407915549 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	icallback.js Show response app.convolo.ai/js/	31 KB 8 KB	272ms 60ms	Script text/javascript	134.122.57.141 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://app.convolo.ai/js/icallback.js?v=0.7361156327968554&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 / Express Resource Hash 4e7ff4873562daf3cba29763a7a1b43b448b311b934e9d430401780ab39a818a Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip etag W/"7bfe-RBSHf+YMXJyfMG/10vDtetjO5ZM" server nginx/1.18.0 x-powered-by Express vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin *
GET H2	200	preload.js Show response front.optimonk.com/public/177110/js/	4 KB 2 KB	40ms 19ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/public/177110/js/preload.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 4bf89233fc03abb0fcff3dc77a6d8b724c628aa5213aab3f95e80d06206d15be Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff server nginx etag W/"1022-Xcdbhd9Btjfvr/LRn1EibwwsaU8" x-download-options noopen x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1350 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off vary Accept-Encoding x-xss-protection 1; mode=block
GET H/1.1	200 OK	track.js Show response secure.gaug.es/	4 KB 4 KB	448ms 106ms	Script application/javascript	3.229.169.85 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://secure.gaug.es/track.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.169.85 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-169-85.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 06:11:56 GMT Last-Modified Tue, 16 Aug 2022 10:33:40 GMT Server nginx/1.10.3 (Ubuntu) ETag "62fb7284-ef5" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3829
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js https://s.adroll.com/j/exp/index.js	28 B 784 B	9ms 8ms	Script application/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id BTP2rshxaRFWPNdrItPYEau9DI6Y8oce Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Etag "5816cced8568d223aa09d889f300692b" Age 41155 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Content-Length 28 Last-Modified Wed, 06 Jul 2022 18:15:57 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:09:14 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id rpbdx3ADYNSYE_fLfRv6RYw3zribeCijNqfklZiM5-FjEB_1ZhTz3Q== Redirect headers Date Thu, 25 Aug 2022 06:08:37 GMT Via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) Age 197 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id gu7NleUDKOT3H3sfl4cenMA58sf8r55fRTTgOf03rJmNKIXqVNQw2w==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js https://s.adroll.com/j/pre/index.js	0 754 B	9ms 8ms	Script application/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 5256 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Date Thu, 25 Aug 2022 04:44:44 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id sMDEDt1IdmoSMxKODJ_KYgGxX-Gce7wSGMajGtlBs3VEP9EwlZR4gg== Redirect headers Date Thu, 25 Aug 2022 00:09:08 GMT Via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) Age 21767 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/pre/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id 4p6l3XZtUiZRlv4zzaY1ur1YMwnCaME_3Fv1MeVIeJQZ4kg1BUkCbA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/	0 807 B	25ms 10ms	Script text/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id IqpJo59hTZaXSzvtS6IpBSfvHG56VGZw Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 197 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Content-Length 0 Last-Modified Mon, 22 Aug 2022 03:30:45 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:08:39 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id tKxDLx7lgozt_mH9RMGq7_zjxnSudD275BHrtTep-QZuwnUAOn98MQ==
GET H2	200	modules.037fa2a5f9634344bb40.js Show response script.hotjar.com/	252 KB 64 KB	58ms 8ms	Script application/javascript	13.224.189.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.037fa2a5f9634344bb40.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-42.fra2.r.cloudfront.net Software / Resource Hash 0ebe2c16dd702fb36cb07dc99f2d813d0beaf371fbe3a642a2fdf81e0935e278 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 09:09:06 GMT content-encoding br x-content-type-options nosniff age 162169 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 65462 access-control-allow-origin * last-modified Tue, 23 Aug 2022 09:08:13 GMT etag "09f4d29c25bcfe4e00b570bb04ce589d" vary Accept-Encoding content-type application/javascript via 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id lhptVnyYBGMhYNy2l7hbFhtvKguv3rmaZV8W9q6SE5Cps0kBOMk3qg==
GET H2	200	761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg i.vimeocdn.com/video/ Frame 55E7	2 KB 2 KB	35ms 12ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/235637953? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 71e71947e14e056db8dfe955894ca7ae88b0dbe55dad48c6b9270de946b2ecb8 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1970266 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1659 viewmaster-server viewmaster-us-central1-x3pt x-served-by cache-dfw-kdfw8210098-DFW, cache-fra19170-FRA x-timer S1661407916.770423,VS0,VE2 etag 81c15d4e4ece4e5dff2ba9c297822654 access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.9.3/js/ Frame 55E7	884 KB 208 KB	32ms 9ms	Script application/javascript	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.3/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/235637953? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ebcce4fd584085554dd3ef628470e4f2ba94066bcf2d0b1d6b9887f3aa9cbdf9 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via 1.1 varnish, 1.1 varnish age 480984 x-served-by cache-iad-kiad7000055-IAD, cache-hhn4030-HHN vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661407916.770686,VS0,VE0 content-length 212451 x-cache-hits 1, 50410
GET H2	200	player.css f.vimeocdn.com/p/4.9.3/css/ Frame 55E7	184 KB 19 KB	30ms 7ms	Stylesheet text/css	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.3/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/235637953? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 62273854e47f98d81fa72d07b0a067d2d3afd04dafe6644ebffb1f61105f671b Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via 1.1 varnish, 1.1 varnish age 480987 x-served-by cache-iad-kjyo7100050-IAD, cache-hhn4030-HHN vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661407916.770562,VS0,VE0 content-length 19376 x-cache-hits 1, 341543
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame 55E7	2 KB 1 KB	31ms 9ms	Script application/javascript	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/235637953? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via 1.1 varnish, 1.1 varnish age 392077 x-timer S1661407916.770684,VS0,VE0 x-served-by cache-iad-kcgs7200048-IAD, cache-hhn4030-HHN vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 252614
GET H2	200	4000327.js Show response bat.bing.com/p/action/	1 KB 841 B	228ms 226ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4000327.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 622f0c7e5a45a3acbec3e95c26851d305216d5bfb653a4736d524c7052ee8334 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 62195544285543E0B7B7F189E1801E2A Ref B: FRAEDGE1107 Ref C: 2022-08-25T06:11:55Z date Thu, 25 Aug 2022 06:11:55 GMT vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private,max-age=60 content-length 666
GET H2	204	0 bat.bing.com/action/	0 175 B	33ms 32ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=21bd4eae-8e18-417d-8034-d572a2585a02&sid=d01a5250243c11ed85d945bea6004e10&vid=d01a4160243c11edbc3357d0e526b126&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&p=https%3A%2F%2Ffraud.net%2F&r=&lt=2538&evt=pageLoad&sv=1&rn=676541 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3AA63F17B3F7467C82A18D540E1AD5A3 Ref B: FRAEDGE1107 Ref C: 2022-08-25T06:11:55Z date Thu, 25 Aug 2022 06:11:54 GMT x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/	2 KB 2 KB	161ms 80ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1661407912641&cv=9&fst=1661407912641&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&auid=1921845629.1661407912&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e59be1d67b0d104fe7e40f09cb4eb8d0a8353fd93fb009aa40f8e3eaaff9658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1033 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2113031.js Show response js.hs-banner.com/	60 KB 16 KB	461ms 425ms	Script text/javascript	2606:4700:4400::ac40:9a55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/2113031.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2113031.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7919e8e33a7ec856c123829114cb062da969c2dba5bd76ebc1a1759eb8f7d63 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id V252FJW8683QR6ZH x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 /Q/6lnkJ6hbuvqjODESNhURr/CjXTkxRmvqmRbS8AWXkrXigavbNfxOqdq25JwOopR17TGEDnzo= timing-allow-origin * last-modified Tue, 23 Aug 2022 20:40:55 GMT server cloudflare etag W/"a30a68b79dcd24191e1e6e70700cd279" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id 0QHK_9_YWAvLK6HdSGGiccExXslS2_BV access-control-allow-origin https://fraud.net access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 74022c51fb479a41-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Thu, 25 Aug 2022 06:16:56 GMT
GET H2	200	leadflows.js Show response js.hsleadflows.net/	548 KB 88 KB	69ms 29ms	Script application/javascript	2606:4700::6811:e9cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2113031.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea21ff9664b52694ea829b6553aedc3d67a5a5867a173284395f904e4f5dc014 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront) vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status HIT age 44606 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1106/bundle/main/lead-flows-release.js&cfRay=73fdeb4c3bba9a24-IAD x-cache Hit from cloudfront cache-tag staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod x-amz-replication-status COMPLETED content-encoding br cf-ray 74022c520d5f5b9e-FRA last-modified Mon, 22 Aug 2022 01:21:28 UTC server cloudflare etag W/"0c24f3060d1178909a85b4ab9a000639" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id a33gcE0MRil3cAfo1VEwTC6ydN3a0TVb access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS x-amz-cf-pop IAD89-P1 content-type application/javascript; charset=utf-8 x-amz-cf-id p94plq4u7O4QSatqTW9Lp3VgMog52XTItuIwD5Gk4_XZk5fdAdtvDg== x-hs-target-asset lead-flows-js/static-1.1106/bundle/main/lead-flows-release.js
GET H2	200	2113031.js Show response js.hs-analytics.net/analytics/1661407800000/	63 KB 20 KB	185ms 158ms	Script text/javascript	2606:4700::6811:43b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1661407800000/2113031.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2113031.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 020507ea704ff4a8e616a31894df2fb387c0adf72cce07a10d40ea96d05ac93f Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding br cf-cache-status MISS x-amz-request-id 5B0VM2NC29YXPMGX x-amz-server-side-encryption AES256 cf-ray 74022c51ff7990e6-FRA x-amz-id-2 EVaBhHBv3AGERP+sYkTf6SIphF0I2dgYTUqRKd6NGDPKs4pGKqQW4sKi2SB+6tM/sUXbHjWt3sg= last-modified Tue, 23 Aug 2022 20:18:19 GMT server cloudflare etag W/"20faff190c2c575f943bb6a2bc39a8d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Thu, 25 Aug 2022 06:16:55 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	72 KB 25 KB	65ms 24ms	Script application/javascript	2606:4700::6811:83ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/2113031.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT via 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront) cf-cache-status HIT age 85275 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=73fa0a654eea9b7d-IAD x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod access-control-max-age 3000 x-amz-replication-status COMPLETED content-encoding br cf-ray 74022c5208049c01-FRA last-modified Mon, 18 Jul 2022 02:17:32 UTC server cloudflare etag W/"877e5f54a66a69786dec54038d0864c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET x-amz-version-id gdKWpz_yvObw8s97wY_QgOhrdmJzIElp access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS x-amz-cf-pop IAD89-P2 content-type application/javascript; charset=utf-8 x-amz-cf-id JpCgbJ3iZIEYMgKmaRAOgrnkxlp9kEA0sNfnAy7VSTZTidO5QUPe_A== x-hs-target-asset collected-forms-embed-js/static-1.285/bundles/project.js
POST H2	200	tp2 Show response device.fraud.net/com.snowplowanalytics.snowplow/	2 B 323 B	322ms 116ms	XHR text/plain	107.20.11.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://device.fraud.net/com.snowplowanalytics.snowplow/tp2 Requested by Host: media.fraud.net URL: https://media.fraud.net/shield/js/v1/analytics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.20.11.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-20-11-76.compute-1.amazonaws.com Software nginx / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers access-control-allow-origin https://fraud.net date Thu, 25 Aug 2022 06:11:56 GMT access-control-allow-credentials true server nginx content-type text/plain; charset=UTF-8 content-length 2 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
OPTIONS H2	200	tp2 device.fraud.net/com.snowplowanalytics.snowplow/ Frame	0 0	331ms 102ms	Preflight	107.20.11.76 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://device.fraud.net/com.snowplowanalytics.snowplow/tp2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.20.11.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-20-11-76.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://fraud.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, SP-Anonymous access-control-allow-origin https://fraud.net access-control-max-age 5 content-length 0 date Thu, 25 Aug 2022 06:11:56 GMT server nginx
GET H3	200	cm us-u.openx.net/w/1.0/ Redirect Chain https://aorta.clickagy.com/pixel.gif?ch=278&cm=678a03a7664e090c105d8b2cb841d7fce4629060bb8ec4fffd017e52e7bbdeb1 https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7... https://sync.crwdcntrl.net/map/ct=y/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D... https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzpkMmMyMzg1YjY1ZjNlM2I1ZWNjMzg3MzU5ZWY1NGQxMg https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEMW_MH72zpXhaN7V-_bUtFo&google_cver=1 https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:d2c2385b65f3e3b5ecc387359ef54d12/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7... https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=120&cm= https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...	43 B 75 B	37ms 20ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip server OXGW/0.0.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" via 1.1 google cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Thu, 25 Aug 2022 06:11:57 GMT server Aorta/20220823.10fb48f9 location https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D expect 0 access-control-max-age 31536000 access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin access-control-expose-headers Set-Cookie cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-aorta-region us-east-1 x-aorta-host d0f5855ac2ba access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction content-length 0
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	117ms 36ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3958 date Thu, 25 Aug 2022 05:05:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 25 Aug 2022 07:05:57 GMT
GET H2	200	box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response vars.hotjar.com/ Frame 7310	2 KB 1 KB	54ms 7ms	Document text/html	13.224.189.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-10.fra2.r.cloudfront.net Software / Resource Hash 90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://fraud.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3706729 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 13 Jul 2022 08:33:06 GMT etag "0b3d3f4206ab84d8861a8cc4b2ddbe66" last-modified Wed, 13 Jul 2022 08:32:20 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront) x-amz-cf-id ggDi2vflVejCg2aOZvxRN-pQGf3wHXRHBIeTr_NvBF_oBI-paDZEKA== x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront x-robots-tag none
GET H2	200	HVT2SOYWOBESJB535C7MUS Show response d.adroll.com/consent/check/	448 B 917 B	112ms 29ms	Script application/javascript	108.128.2.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?arrfrr=https%3A%2F%2Ffraud.net%2F&_s=470c4f80f383b94eaffddd9d3b949cbf&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.2.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-2-13.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash cf518126d84e176a78c36a9257c8e5fb70b401e48268e4fd1feda3fd1432874d Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:55 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-type application/javascript content-length 448 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	preload-base.ee4452c8.js Show response front.optimonk.com/	52 KB 17 KB	14ms 14ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/preload-base.ee4452c8.js Requested by Host: front.optimonk.com URL: https://front.optimonk.com/public/177110/js/preload.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 4d53ef07c09b2dbd4a2da0d7de0fd16fc49ea43fe1da4412727ce3f99cb37e2a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff server nginx etag W/"d113-jc8ETtb9aFqEObQN8/PmUH6uf2c" x-download-options noopen x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	MicrosoftTeams-image-2-2.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	192 KB 192 KB	7ms 7ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:55 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:33:05 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical" content-length 196542 expires Thu, 01 Sep 2022 06:11:55 GMT
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	1008 B 1 KB	154ms 66ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 26a820079654b1e24673e578de6c858302b466cac28db21ad7bb58c966ae1553 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 616 x-xss-protection 1; mode=block expires Thu, 25 Aug 2022 06:11:55 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	29ms 9ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1661407912824&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661407912823.1601690513&it=1661407912338&coo=false&rqm=GET Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Thu, 25 Aug 2022 06:11:56 GMT
GET H2	200	icallback.b7567e0eee5c6197a915.js Show response app.leadconnect.cc/	384 KB 70 KB	59ms 29ms	Script application/javascript	134.122.57.141 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://app.leadconnect.cc/icallback.b7567e0eee5c6197a915.js Requested by Host: app.convolo.ai URL: https://app.convolo.ai/js/icallback.js?v=0.7361156327968554&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 / Resource Hash d0772452d6787b0c560aa284b90407f6f834d9029a4dc9d4c706a15a11af6fd3 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding gzip last-modified Fri, 01 Jul 2022 10:36:16 GMT server nginx/1.18.0 etag W/"62bece20-601b2" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame 55E7	0 40 B	196ms 128ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.3/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Thu, 25 Aug 2022 06:11:56 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d i.vimeocdn.com/video/ Frame 55E7	27 KB 27 KB	8ms 7ms	Image image/avif	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/235637953? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5a8fec3c4a16262ecaa3bb9de610f13ba27c1ae1699af37faa43a6cd1ebcc52d Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1966901 x-viewmaster-lossless-format automatic x-cache miss, HIT, HIT access-control-max-age 86400 x-backend-server varnish content-length 27328 viewmaster-server viewmaster-us-east1-k0q5 x-served-by cache-dfw-kdfw8210099-DFW, cache-fra19170-FRA x-timer S1661407916.325988,VS0,VE1 etag f8192317ef45f7d64358bbad45347dbc vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame 55E7	0 142 B	188ms 127ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=bd7aa6638fef3437c449d23a62675ee312b395f81661407915 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.3/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Thu, 25 Aug 2022 06:11:56 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	Group-2851.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	304 KB 305 KB	7ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:15:11 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical" content-length 311451 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H2	200	Group-2858.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	235 KB 236 KB	6ms 6ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:30 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical" content-length 241112 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H2	200	Group-2859.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	84 KB 84 KB	8ms 8ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:37 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical" content-length 85846 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H2	200	Computer-Appstore-e1628881087778-uai-1032x638.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	191 KB 191 KB	8ms 8ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 1.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:48:14 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical" content-length 195680 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H2	200	Group-2854.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	265 KB 265 KB	10ms 10ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Sep 2021 16:14:08 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical" content-length 271391 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H2	200	Group-2851@2x-uai-2064x645.png 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/	500 KB 501 KB	10ms 9ms	Image image/png	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 2.hhn _atomic_ams last-modified Fri, 03 Dec 2021 13:48:15 GMT server nginx strict-transport-security max-age=15552000 content-type image/png cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical" content-length 512361 expires Thu, 01 Sep 2022 06:11:56 GMT
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame 55E7	0 995 B	198ms 150ms	Ping text/plain	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=bd7aa6638fef3437c449d23a62675ee312b395f81661407915 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 06:11:56 GMT Via 1.1 varnish, 1.1 varnish x-content-type-options nosniff CF-Cache-Status DYNAMIC content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive Vary User-Agent x-xss-protection 1; mode=block X-Served-By cache-iad-kiad7000125-IAD, cache-fra19169-FRA x-vimeo-device d Server cloudflare X-Timer S1661407916.438211,VS0,VE116 x-frame-options sameorigin x-backend-proxy webproxy1 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload expires Wed, 24 Aug 2022 18:11:56 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-66b575b967-d7hw2 x-ua-compatible IE=edge Accept-Ranges bytes CF-RAY 74022c55a8cb9229-FRA X-Cache-Hits 0, 0
GET H2	200	fraud-dot-net-background-dots-bottom-sm.jpg 149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/	45 KB 45 KB	8ms 6ms	Image image/jpeg	192.0.77.39 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 445d907172a2bf29b119fecb54a2c2cad1a2eda934f9c887e4c1c923789108d7 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 25 Aug 2022 06:11:56 GMT x-ac 1.hhn _atomic_ams last-modified Thu, 26 Sep 2019 11:05:29 GMT server nginx strict-transport-security max-age=15552000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes link <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm.jpg>; rel="canonical" content-length 45696 expires Thu, 01 Sep 2022 06:11:56 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/998743206/	42 B 64 B	139ms 48ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/998743206/?random=1661407912641&cv=9&fst=1661407200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=131665856&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/998743206/	42 B 548 B	152ms 51ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/998743206/?random=1661407912641&cv=9&fst=1661407200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8m0&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2F&tiba=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&async=1&fmt=3&is_vtc=1&random=131665856&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	43ms 43ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=703416952&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=1502502977&gjid=1977663754&cid=1273730995.1661407913&tid=UA-35675858-1&_gid=1582904783.1661407913&_r=1&gtm=2wg8m0WVZ4N9X&z=260871972 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fraud.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	6SMH2DHXINFNDD52UNEEKG.js Show response s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ Redirect Chain https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=55512049575.952545&cookie=&ad... https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js	5 KB 3 KB	12ms 12ms	Script text/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 545f44a8320d5eae4d978a473057f732caa934db7f972806def87803b7d188ab Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id b1N6mYTtUHwGux0XMJK_PN0zTfmwApP2 Content-Encoding gzip Etag W/"c2019b6ba47cdbb640b4ea62683b781c" Age 197 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Last-Modified Wed, 17 Aug 2022 20:15:56 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:08:40 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id LiI7Ba6tBVoeUWrATTzOqgpInSHezAPaG3Ldx6S_mz6FPQacQBQ5Dg== Redirect headers date Thu, 25 Aug 2022 06:11:56 GMT x-segment-display-name FN Homepage p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type s content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.20.0 x-rule *fraud.net/* x-segment-eid 6SMH2DHXINFNDD52UNEEKG location https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js cache-control no-store, no-cache, must-revalidate x-pixel-eid ML43PNVWLZH6BAVX2UYHRM x-segment-name d1dcd5e9 x-advertisable-eid HVT2SOYWOBESJB535C7MUS x-conversion-currency
GET H2	200	json Show response forms.hubspot.com/collected-forms/v1/config/	115 B 1 KB	176ms 134ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2113031&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 7240562e-1c5a-4e76-89f2-7f5d9ecf3496 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SskeBvaemek3aGGf0vNbMhtyxX6NjOtXK9qBh40Q%2F%2F6kXUXsw2fGRbCAb1WT0fcTmNBMwwj27CJFzxyxs1zBtasOEeZjz1Qx%2FUDtbCv9%2FYlWavwwXVXesAA8qdtSLTEUiIBXCqi0k6MbqO3bEdV"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://fraud.net x-robots-tag none access-control-allow-credentials false cf-ray 74022c565d729143-FRA access-control-allow-headers *
GET H2	200	4000327 Show response www.clarity.ms/tag/uet/	2 KB 2 KB	173ms 120ms	Script application/x-javascript	2620:1ec:27::cafe:1425 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/4000327 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/4000327.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 404a0072c71c7f95608997feed84aea18034ed6d1ca28e8bd60ce6fbcfe6e227 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT x-powered-by ASP.NET x-azure-ref 0rBIHYwAAAAAF8pZmczurQ5bqCQnKDWtuTUlMMzBFREdFMDYyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= x-cache CONFIG_NOCACHE content-type application/x-javascript expires -1 cache-control no-cache, no-store request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/	390 KB 155 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 04:04:26 GMT content-encoding gzip x-content-type-options nosniff age 7650 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 158666 x-xss-protection 0 last-modified Mon, 15 Aug 2022 20:03:29 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 25 Aug 2023 04:04:26 GMT
GET H/1.1	200 OK	track.gif secure.gaug.es/	35 B 389 B	113ms 113ms	Image image/gif	3.229.169.85 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1661407913356 Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.169.85 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-169-85.compute-1.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Aug 2022 06:11:56 GMT X-Content-Type-Options nosniff Last-Modified Thu, 25 Aug 2022 06:11:56 GMT Server nginx/1.10.3 (Ubuntu) Content-Type image/gif Cache-Control no-store, no-cache, must-revalidate, private Connection keep-alive Content-Length 35 Expires Sat, 25 Nov 2000 05:00:00 GMT
GET H2	200	jfclientsdk.min.js Show response gs-cdn.optimonk.com/jfclientsdk/latest/	95 KB 32 KB	47ms 7ms	Script application/javascript	138.199.37.226 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12 Requested by Host: front.optimonk.com URL: https://front.optimonk.com/preload-base.ee4452c8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-226.datapacket.com Software BunnyCDN-DE-832 / Resource Hash 85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding br cdn-edgestorageid 832 x-guploader-uploadid ADPycdufD01ZCHN0eBMZz4hgzASLTUGZK-L8ST7DVgeuykWV4WxvfLvZ_MO9eOk61R3tD-nH6e-6lerrVdhz8_kWa5QBDA x-goog-storage-class STANDARD x-goog-metageneration 1 cdn-pullzone 592317 x-goog-stored-content-encoding identity cdn-cachedat 07/08/2022 21:36:24 alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000 server BunnyCDN-DE-832 last-modified Thu, 23 Jun 2022 11:01:56 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 etag W/"0d51daede184576e937e1d8135d6e64d" content-language en vary Accept-Encoding, Accept-Encoding x-goog-hash crc32c=KnNijw==, md5=DVHa7eGEV26Tfh2BNdbmTQ== x-goog-generation 1655982116491970 cdn-cache HIT cdn-uid 03887a3a-e2eb-4f9c-b547-bb29001e27f6 cache-control public, max-age=2592000 x-goog-stored-content-length 97067 cdn-requestid be6c52595da66bd7402400f4708db001 content-type application/javascript cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
POST H2	200	load Show response front.optimonk.com/public/177110/js/	4 KB 2 KB	50ms 36ms	XHR application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/public/177110/js/load Requested by Host: front.optimonk.com URL: https://front.optimonk.com/preload-base.ee4452c8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ca81b0f3d72cf7f17dacfc77d6b7a4de9151bef83785f8b770f7287260b2837e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding gzip x-content-type-options nosniff server nginx etag W/"f8b-kVqqcc23HWoRN4FLJ/GhD6lmfpQ" x-download-options noopen x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	/ Show response api.leads.convolo.ai/api/v1/ext/collect-data/	16 B 174 B	83ms 24ms	XHR application/json	134.122.57.141 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.leads.convolo.ai/api/v1/ext/collect-data/?visit_id=b3b90af3fe67ff37e42ed44ee87b14be&params=%7B%22referer%22%3A%22%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.101%20Safari%2F537.36%22%2C%22title%22%3A%22Fraud.net%20%7C%20AI%20Fraud%20Detection%20and%20Prevention%20for%20Enterprises%22%7D Requested by Host: app.leadconnect.cc URL: https://app.leadconnect.cc/icallback.b7567e0eee5c6197a915.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 / Express Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Thu, 25 Aug 2022 06:11:56 GMT server nginx/1.18.0 x-powered-by Express etag W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA" content-length 16 content-type application/json; charset=utf-8
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	140ms 56ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap Requested by Host: app.leadconnect.cc URL: https://app.leadconnect.cc/icallback.b7567e0eee5c6197a915.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1436f321981765943075690d17d8c0cf0a06584f82ff6c22085687e1413ebeea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 25 Aug 2022 05:44:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 25 Aug 2022 06:11:56 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Aug 2022 06:11:56 GMT
GET H2	200	/ Show response api.leads.convolo.ai/api/v1/ext/register-event/	16 B 175 B	59ms 22ms	XHR application/json	134.122.57.141 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.leads.convolo.ai/api/v1/ext/register-event/?event=INIT&visit_id=b3b90af3fe67ff37e42ed44ee87b14be&params=%7B%7D Requested by Host: app.leadconnect.cc URL: https://app.leadconnect.cc/icallback.b7567e0eee5c6197a915.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 / Express Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Thu, 25 Aug 2022 06:11:56 GMT server nginx/1.18.0 x-powered-by Express etag W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA" content-length 16 content-type application/json; charset=utf-8
GET H2	200	663ead3e63f8d79c2107ae68dcb5310221.png app.leadconnect.cc/images/saved/	2 KB 2 KB	15ms 14ms	Image image/png	134.122.57.141 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://app.leadconnect.cc/images/saved/663ead3e63f8d79c2107ae68dcb5310221.png Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 / Resource Hash e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT last-modified Thu, 19 May 2022 16:42:48 GMT server nginx/1.18.0 etag "62867388-8c9" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 2249 expires Sat, 24 Sep 2022 06:11:56 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 1724	0 18 B	19ms 8ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://fraud.net Referer https://fraud.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://fraud.net alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 06:11:56 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/2001329/	148 B 322 B	101ms 34ms	XHR application/json	54.76.37.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/2001329/visit-data?sv=7 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.037fa2a5f9634344bb40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.37.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-37-156.eu-west-1.compute.amazonaws.com Software / Resource Hash 47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c Request headers Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 471 B	154ms 129ms	Image image/gif	2606:4700::6810:5505 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT vary Accept-Encoding cf-cache-status DYNAMIC x-hubspot-correlation-id e816c41e-0684-4d37-b9fb-aa6e136957b1 cf-ray 74022c57ecf390bb-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35 server cloudflare x-trace 2B9368CC9BA23639C14312FB5B82D2504CC0C2AAE0000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none
GET H2	200	load.1bb28309.js Show response front.optimonk.com/load.esm/	208 KB 57 KB	18ms 17ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/load.esm/load.1bb28309.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 24f21c727cf00383c8733e2dbf02f74caa35bce76a99c0b7f09df44bf41fb35e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding gzip x-content-type-options nosniff server nginx etag W/"33e36-Sc1+++ny9TVJnhXFNn3NenYUpVk" x-download-options noopen x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off vary Accept-Encoding x-xss-protection 1; mode=block
GET H/1.1	200 OK	onsiteloader.js Show response s.adroll.com/onsite_personalization/production/0.1/loader/	2 KB 2 KB	14ms 13ms	Script application/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js Requested by Host: d.adroll.com URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=55512049575.952545&cookie=&adroll_s_ref=&keyw= Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c. Content-Encoding gzip Etag W/"73534cc70057d4d96ec3c5a56ad5d4ef" X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Access-Control-Allow-Origin * Last-Modified Thu, 09 Dec 2021 21:03:21 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:11:56 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Cache-Control no-cache Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id fuBdEtHcoAAWr3lyOSQqrns4gh_Kwj_luGB9ZiNMflwAC_mNYivSPg==
GET H/1.1	200 OK	sendrolling.js Show response s.adroll.com/j/	8 KB 3 KB	10ms 9ms	Script application/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/sendrolling.js Requested by Host: d.adroll.com URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&pv=55512049575.952545&cookie=&adroll_s_ref=&keyw= Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw Content-Encoding gzip Etag W/"9f2aa6ae991d93164d9512029d813cad" Age 77832 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) Last-Modified Thu, 30 Jun 2022 21:48:50 GMT Server AmazonS3 Date Wed, 24 Aug 2022 08:34:46 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id IkZlOdiDhoFvpFv_Fdq3zk_pSwJM1cctnm0MOAn07ij3Fyl5gb9uDw==
GET H3	200	411617989444864 Show response connect.facebook.net/signals/config/	292 KB 84 KB	50ms 49ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/411617989444864?v=2.9.77&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8726fbb5c4e2bf86f89f28d16c5493387a186d95024f0e81b0547d1421807960 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug b9BV7m7CGA6dEDQdLWjqYBDE5f/aazC/5ZnE4fhmCIM9d0gWwhTc8im0BMfHv0I1pAxaJR6p/O8Jnl8Ssqr+OQ== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Thu, 25 Aug 2022 06:11:56 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1661407916849 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916&C=1	43 B 949 B	59ms 37ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916&C=1 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 74022c59896a929f-FRA pragma no-cache date Thu, 25 Aug 2022 06:11:57 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NHU92QbF%2BrlkKp%2FSYYWJLO23b9rz0C9pP%2BctkrsVUIFLr50DbdQZqCjBSue5w4sKmLCJ4eYbYf7HY3XLhZV20z26LYJdpo%2B6%2Bz4FJOjxKkwuV6HiPD3Y%2FhO7XVq92j5MvmejMLaA4WGLA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Uy0Q25vscfRgVgv1nP0zzSKtC2gLP3VaNT%2FI2bShtQcL7RbQglh%2FcnfurtyUctIH6i2Kv%2BKMqHMYn%2FdTRYz5RE58aSAADLmhC1Y%2FAG6zrr%2FyJPNg7NYkTVzwDkxA6by%2FJmdWpk12RG3w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=105&external_user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expiration=1692943916&C=1 cache-control no-cache cf-ray 74022c592856bb65-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expires=365	0 239 B	55ms 10ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expires=365 Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d Content-Type image/gif Redirect headers location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&expires=365 pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 124 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://sync.outbrain.com/cookie-sync?p=adroll&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ	0 308 B	355ms 82ms	Image text/plain	70.42.32.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 06:11:57 GMT Cache-Control no-cache X-TraceId 4e96feec6a57fc39eaad5df447efef51 Content-Length 0 Redirect headers location https://sync.outbrain.com/cookie-sync?p=adroll&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 100 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...	42 B 492 B	79ms 17ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, private server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 212 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	204	rtb-h sync.taboola.com/sg/adroll-network/1/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ	0 90 B	77ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 13734 Redirect headers location https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 111 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://eb2.3lift.com/xuid?mid=4714&xuid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&dongle=c85e	37 B 140 B	32ms 9ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=4714&xuid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&dongle=c85e Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers location https://eb2.3lift.com/xuid?mid=4714&xuid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&dongle=c85e pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 102 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	0 125 B	42ms 12ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.25 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT server ATS/9.1.10.25 age 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 169 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://x.bidswitch.net/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ	43 B 495 B	20ms 20ms	Image image/gif	3.73.7.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 3.73.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-73-7-113.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Thu, 25 Aug 2022 06:11:57 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Date Thu, 25 Aug 2022 06:11:57 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://ib.adnxs.com/setuid?entity=172&code=Njk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ	43 B 1 KB	20ms 20ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Requested by Host: fraud.net URL: https://fraud.net/ Protocol HTTP/1.1 Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Thu, 25 Aug 2022 06:11:57 GMT X-Proxy-Origin 185.213.155.168; 185.213.155.168; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 8b397b84-9060-47cc-aae4-27f69e00fda9 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 25 Aug 2022 06:11:57 GMT X-Proxy-Origin 185.213.155.168; 185.213.155.168; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 8eb81b12-25a7-4ebf-8291-37b78a2fda09 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjk2NDU3NmUyMjdlMjU1Mjk1ZTI0YjBlZmFmOTQ0NWQ Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	out d.adroll.com/cm/l/	42 B 180 B	56ms 53ms	Image image/gif	108.128.2.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/l/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.2.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-2-13.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-transform,public,max-age=300,s-maxage=900 server nginx/1.20.0 content-length 42 vary Cookie content-type image/gif
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS https://us-u.openx.net/w/1.0/sd?id=537103138&val=6964576e227e255295e24b0efaf9445d&gdpr=1&gdpr_consent=	43 B 273 B	57ms 20ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537103138&val=6964576e227e255295e24b0efaf9445d&gdpr=1&gdpr_consent= Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:57 GMT via 1.1 google server OXGW/0.0.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537103138&val=6964576e227e255295e24b0efaf9445d&gdpr=1&gdpr_consent= pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 108 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=e1c4d0a54c94d6d983d00446970aa8bc-1661407913316&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=aWRXbiJ-JVKV4ksO-vlEXQ https://d.adroll.com/cm/g/in	42 B 537 B	34ms 33ms	Image image/gif	108.128.2.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Server 108.128.2.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-2-13.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:57 GMT server nginx/1.20.0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://d.adroll.com/cm/g/in cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/eus-f/s/0.6.39/	53 KB 23 KB	117ms 115ms	Script application/javascript	2620:1ec:27::cafe:1425 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/eus-f/s/0.6.39/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/4000327 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:56 GMT content-encoding br etag "1d8b56efcd011a1" last-modified Wed, 01 Jun 2022 12:22:22 GMT x-powered-by ASP.NET vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 x-azure-ref 0rBIHYwAAAADFTBRPxdBLT4hVLthoiiZ0TUlMMzBFREdFMDYyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= accept-ranges bytes request-context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	36ms 36ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 08:01:51 GMT x-content-type-options nosniff age 598205 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Aug 2023 08:01:51 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	36ms 36ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 05:29:41 GMT x-content-type-options nosniff age 348135 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Aug 2023 05:29:41 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame C83F	44 KB 23 KB	69ms 69ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=73t5oug2oya5 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6750c12f103cfb0cc355b0733b0760a1c681a44ffd3ae551c945eb708c6bd638 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UnX6ixdg7B5UdcZyNv_Htg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23914 content-security-policy script-src 'report-sample' 'nonce-UnX6ixdg7B5UdcZyNv_Htg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 06:11:56 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	counters.gif perf.hsforms.com/embed/v3/	35 B 545 B	186ms 138ms	Image image/gif	2606:4700::6810:5605 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=2113031 Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT vary Accept-Encoding cf-cache-status MISS x-hubspot-correlation-id fefa56ee-8ce1-43d9-bec8-8e6fb77e4523 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35 x-robots-tag none last-modified Thu, 25 Aug 2022 06:11:57 GMT server cloudflare x-trace 2B929193ABE6B0D436D3EC42CBD0FC53C06DD581D1000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes cf-ray 74022c593821691b-FRA
POST H2	200	/ Show response jfapiprod.optimonk.com/v2/	26 B 196 B	252ms 183ms	Fetch application/json	34.117.177.207 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jfapiprod.optimonk.com/v2/ Requested by Host: gs-cdn.optimonk.com URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.177.207 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 207.177.117.34.bc.googleusercontent.com Software / Resource Hash 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854 Request headers Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * date Thu, 25 Aug 2022 06:11:57 GMT via 1.1 google etag W/"1a-oDk6RB3+SLV96sulj5WuSYroQto" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26 content-type application/json; charset=utf-8
GET H2	200	optimonk.5d3c34f7.js Show response front.optimonk.com/load.esm/	44 B 434 B	14ms 13ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/load.esm/optimonk.5d3c34f7.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://front.optimonk.com/load.esm/load.1bb28309.js Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN etag W/"2c-PP9xovXOpjsVds3Gr04DXoLaxdY" x-download-options noopen vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	200	videoFactory.1fc45964.js Show response front.optimonk.com/load.esm/	171 B 533 B	11ms 10ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/load.esm/videoFactory.1fc45964.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://front.optimonk.com/load.esm/load.1bb28309.js Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN etag W/"ab-7+puoeInCgrrEYILjxVDJpCdVEA" x-download-options noopen vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	200	subscriptionFactory.46119ee2.js Show response front.optimonk.com/load.esm/	742 B 767 B	10ms 9ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/load.esm/subscriptionFactory.46119ee2.js Requested by Host: fraud.net URL: https://fraud.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 42a22f0c57d2d6b59d2ae0058026f3589e6a71440ab3a95f3147081c25b7111c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://front.optimonk.com/load.esm/load.1bb28309.js Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN etag W/"2e6-GwTorv9WH0Bij15tMU74UHL+pbk" x-download-options noopen vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=411617989444864&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1661407913883&cd[segment_eid]=6SMH2DHXINFNDD52UNEEKG&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=29&fbp=fb.1.1661407912823.1601690513&it=1661407912338&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: fraud.net URL: https://fraud.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Thu, 25 Aug 2022 06:11:57 GMT
GET H/1.1	200 OK	main.39c29e42.js Show response s.adroll.com/onsite_personalization/production/0.1/static/js/	336 KB 100 KB	26ms 8ms	Script application/javascript	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js Requested by Host: s.adroll.com URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id VbMgk_gXghimoZRhj6QFui2WfE6aoopb Content-Encoding gzip Etag W/"86fbdc8ff56a043dffe520cd42b1e7b9" Age 75686 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Via 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront) Last-Modified Wed, 22 Dec 2021 19:15:34 GMT Server AmazonS3 Date Wed, 24 Aug 2022 09:10:36 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA2-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id qz64-Q2dF-ZKOdiUXE1TtOr2nAA6IPzwKx5MBOkmVc_h2VUJPjQkmg==
GET H/1.1	200 OK	main.2a90a3dd.css s.adroll.com/onsite_personalization/production/0.1/static/css/	25 KB 4 KB	126ms 125ms	Stylesheet text/css	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css Requested by Host: s.adroll.com URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id stG5rI47SkR3xxZTGnejIIBdHw6mvWlq Content-Encoding gzip Etag W/"3b96be16936102d8935969d4c53c212f" X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Access-Control-Allow-Origin * Last-Modified Thu, 09 Dec 2021 21:03:21 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:11:58 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/css Via 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront) Cache-Control no-cache Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id jOqUNkwe9PZUOM8s7Tl_7tcViOLEyU2sq0y89RcMr3klRW56Tq3QwQ==
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame C83F	52 KB 24 KB	140ms 62ms	Stylesheet text/css	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=73t5oug2oya5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 03:41:23 GMT content-encoding gzip x-content-type-options nosniff age 9034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24251 x-xss-protection 0 last-modified Mon, 15 Aug 2022 20:03:29 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 25 Aug 2023 03:41:23 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame C83F	390 KB 155 KB	148ms 70ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=73t5oug2oya5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 04:04:26 GMT content-encoding gzip x-content-type-options nosniff age 7651 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 158666 x-xss-protection 0 last-modified Mon, 15 Aug 2022 20:03:29 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 25 Aug 2023 04:04:26 GMT
GET H2	200	optimonk.min.css cdn-asset.optimonk.com/bundles/wseoptimonk/css/	15 KB 3 KB	48ms 7ms	Stylesheet text/css	138.199.37.226 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn-asset.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=b2efbc5949 Requested by Host: front.optimonk.com URL: https://front.optimonk.com/load.esm/load.1bb28309.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-226.datapacket.com Software BunnyCDN-DE-832 / Resource Hash 7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 832 access-control-allow-origin * access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match x-dns-prefetch-control off cdn-cachedat 07/08/2022 21:36:30 cdn-pullzone 580384 strict-transport-security max-age=15552000; includeSubDomains x-xss-protection 1; mode=block server BunnyCDN-DE-832 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-proxyver 1.02 cdn-requestpullcode 200 x-frame-options SAMEORIGIN etag W/"3c5f-+aJzZURpEvNsmjMFlnXjMeoe03w" x-download-options noopen vary Accept-Encoding, Accept-Encoding content-type text/css; charset=utf-8 cdn-cache HIT cdn-uid 03887a3a-e2eb-4f9c-b547-bb29001e27f6 cache-control public, max-age=2592000 cdn-requestid b8c2cc3cfaa68b15076c5fd7b17aeac1 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	62f2b0b960ab400023076b7b.html Show response cdn-renderer.optimonk.com/ssr/177110/ Frame E1D3	31 KB 5 KB	42ms 7ms	XHR text/html	138.199.37.226 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn-renderer.optimonk.com/ssr/177110/62f2b0b960ab400023076b7b.html?v=1660774521 Requested by Host: front.optimonk.com URL: https://front.optimonk.com/load.esm/load.1bb28309.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-138-199-37-226.datapacket.com Software BunnyCDN-DE-832 / Resource Hash b6cfc61a6842f9d9909f32ff5994856ac810353121dd9e00163a0b45d1ecf13a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none access-control-allow-origin * access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match x-dns-prefetch-control off cdn-cachedat 08/17/2022 22:30:45 cdn-pullzone 736120 strict-transport-security max-age=15552000; includeSubDomains x-xss-protection 0 server BunnyCDN-DE-832 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-edgestorageid 832 referrer-policy no-referrer cdn-proxyver 1.02 cdn-requestpullcode 200 x-frame-options SAMEORIGIN etag W/"7ac1-PsJXcOf9yeY2f5dqGwfkM54auKg" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type text/html; charset=utf-8 cdn-cache HIT cdn-uid 03887a3a-e2eb-4f9c-b547-bb29001e27f6 cache-control public, max-age=2592000 access-control-allow-credentials true cdn-requestid a0b48351265bf79dff2185cf2f9554de cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	no_builder_customizations.json Show response s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/	2 B 774 B	608ms 607ms	XHR binary/octet-stream	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json Requested by Host: s.adroll.com URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes Via 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront) Etag "99914b932bd37a50b983c5e7c90ae93b" X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 X-Cache RefreshHit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Content-Length 2 Last-Modified Tue, 07 Sep 2021 06:39:56 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:11:58 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type binary/octet-stream Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id Hl95BPYkWtSaSWADU6Lkvw4Ca1QxS7DhE9NexXLMNpcFIj3xB00drQ==
GET H/1.1	200 OK	config.json Show response s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/	2 KB 2 KB	615ms 601ms	XHR binary/octet-stream	2600:9000:20eb:b400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json Requested by Host: s.adroll.com URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers X-Amz-Version-Id gdsCJ91e36preZqcIA6RaB5svplwGuhr Via 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront) Etag "04a72a37c10f648fb8263045b284cb6c" X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 X-Cache RefreshHit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Content-Length 1697 Last-Modified Tue, 07 Sep 2021 06:39:56 GMT Server AmazonS3 Date Thu, 25 Aug 2022 06:11:58 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type binary/octet-stream Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id XoMFgvkwawOWfYY9qUN6a0BaQRA-ZWAu33y-xHU_WEJb9lzkdsyvCg==
POST H2	204	collect Show response m.clarity.ms/	0 171 B	294ms 100ms	XHR text/plain	20.120.124.64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://m.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-f/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://fraud.net date Thu, 25 Aug 2022 06:11:56 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H2	200	Teaser.abc20503.js Show response front.optimonk.com/load.esm/	3 KB 2 KB	24ms 24ms	Script application/javascript	157.245.25.14 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://front.optimonk.com/load.esm/Teaser.abc20503.js Requested by Host: front.optimonk.com URL: https://front.optimonk.com/load.esm/load.1bb28309.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash f5689b71c7c3bab494b4c4299de1ef98725f89d1070010693db51cd493ebc4d8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ Origin https://fraud.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip x-content-type-options nosniff server nginx etag W/"cb2-gLeox7aeSmYEjO0QfqH69bZiPEA" x-download-options noopen x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=604800 strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off vary Accept-Encoding x-xss-protection 1; mode=block
GET H3	200	webworker.js www.google.com/recaptcha/enterprise/ Frame C83F	102 B 134 B	46ms 45ms	Other text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=73t5oug2oya5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 67c7cf2537681e76ae6b64e0159beaaa71413f83e01c809b7274f17c0ad9bd21 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=73t5oug2oya5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Thu, 25 Aug 2022 06:11:57 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 964 B	147ms 121ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=1be13768-ceff-4c34-921f-76ce14811f21&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1661407914444&vi=1a7e82b68ebfa7f6045485d3aca3a15b&nc=true&u=57037109.1a7e82b68ebfa7f6045485d3aca3a15b.1661407914439.1661407914439.1661407914439.1&b=57037109.1.1661407914439&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 3a9fed4c-7515-41c7-91d5-25556b098de3 cf-ray 74022c5d3ea7917d-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMHmYxf4W2vlxgnDf4y%2FlJidEcUYhtpUHDewcFhO%2FqX%2BfgdNzWv5LP4Qkljn%2FjKcefQmQ82T1jrPEQiPOcpmEJno4X3PJqYZtILvbtNhiZ%2Ffw1vwPKO0N2BE%2FhJnRkc3qhKedilY0sfMibZA0KFG"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 561 B	147ms 122ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=Fraud.net+%7C+AI+Fraud+Detection+and+Prevention+for+Enterprises&cts=1661407914445&vi=1a7e82b68ebfa7f6045485d3aca3a15b&nc=true&u=57037109.1a7e82b68ebfa7f6045485d3aca3a15b.1661407914439.1661407914439.1661407914439.1&b=57037109.1.1661407914439&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 4637e143-89b6-407b-844f-9463ab0366c3 cf-ray 74022c5d3ea8917d-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BnndC8M8ecuaebdnSLm%2Fwv3PPhIIyfdzUxbgveuJLVnt1It0GQxv7aUwWlyAE%2BR2QkTD%2BGRwMhVwWk11Dq0gjnD%2FR9aV8pKg4ZuOo8hdIO7ifhe4wbdQbmgoc%2FxSocldranIVWnjPRyPEf4mqNz"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&RedC=c.clarity.ms&MXFR=1ACCA88EF9AD6B5A27D1BA85FDAD654A https://c.clarity.ms/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&MUID=1C2301AC7C916B8C194B13A77DE06A61	42 B 367 B	27ms 26ms	Image image/gif	20.234.93.27 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&MUID=1C2301AC7C916B8C194B13A77DE06A61 Protocol H2 Server 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT last-modified Wed, 17 Aug 2022 23:56:46 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "de363c295b2d81:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Thu, 25 Aug 2022 06:11:56 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A9697CDAE81140A6AEFEE6686376C7C9 Ref B: FRAEDGE1107 Ref C: 2022-08-25T06:11:57Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?CtsSyncId=307CA1BCA0FB49A981C460FDF16DC2A3&MUID=1C2301AC7C916B8C194B13A77DE06A61 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	254 B 1 KB	160ms 148ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=1a7e82b68ebfa7f6045485d3aca3a15b&__hstc=57037109.1a7e82b68ebfa7f6045485d3aca3a15b.1661407914439.1661407914439.1661407914439.1&__hssc=57037109.1.1661407914439&currentUrl=https%3A%2F%2Ffraud.net%2F Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82044e26d592cb48cfbe52d62d7950cdf771d204a49cefec6e62691726863fb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fraud.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:57 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id af9d6191-b051-4323-8da5-6c4cdbc2c9d0 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-robots-tag none server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpuvdOAFAJ5JaGeG1IL3Ak7flhzp7vYzEp8TUG8kr1dYlSH%2BdfYL1jLzuEB4oNmjaTmMhzowrp5M09LZd9tR9R5a76LsN%2BcxyZ90UPL5ya5H0zDJQieMPgNUW8LD1qgQ4QCmQ6tKHIexuznUoVym"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://fraud.net cache-control max-age=0, no-cache, no-store access-control-allow-credentials false cf-ray 74022c5d6c86920d-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
GET H3	200	bframe Show response www.google.com/recaptcha/enterprise/ Frame D250	7 KB 1 KB	47ms 47ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 69c94aa682fb9d815ea6881b9f8fb2fb74e9c7ce437de2c0e57c48769d51e6e8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-x_FPk1QVXx0xclaTTd3Tjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fraud.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1116 content-security-policy script-src 'report-sample' 'nonce-x_FPk1QVXx0xclaTTd3Tjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 25 Aug 2022 06:11:57 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame D250	52 KB 24 KB	37ms 36ms	Stylesheet text/css	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 03:41:23 GMT content-encoding gzip x-content-type-options nosniff age 9034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24251 x-xss-protection 0 last-modified Mon, 15 Aug 2022 20:03:29 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 25 Aug 2023 03:41:23 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame D250	390 KB 155 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 151bac179d2ce855508abc6505e6a2c5b3a02a923a30a17c70acc2c2b0169640 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 04:04:26 GMT content-encoding gzip x-content-type-options nosniff age 7651 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 158666 x-xss-protection 0 last-modified Mon, 15 Aug 2022 20:03:29 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 25 Aug 2023 04:04:26 GMT
POST H3	200	reload Show response www.google.com/recaptcha/enterprise/ Frame D250	39 KB 23 KB	76ms 76ms	XHR application/json	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0b5344746847b61101af776f80d3be8fb89106fcb94df6ff6d8da3a6993335c3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-protobuffer Response headers date Thu, 25 Aug 2022 06:11:58 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24036 x-xss-protection 1; mode=block expires Thu, 25 Aug 2022 06:11:58 GMT
POST H2	204	collect Show response m.clarity.ms/	0 48 B	283ms 282ms	XHR text/plain	20.120.124.64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://m.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-f/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://fraud.net date Thu, 25 Aug 2022 06:11:57 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H3	200	refresh_2x.png www.gstatic.com/recaptcha/api2/ Frame D250	600 B 624 B	38ms 37ms	Image image/png	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/refresh_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 24 Aug 2022 08:44:59 GMT x-content-type-options nosniff age 77219 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 600 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 31 Aug 2022 08:44:59 GMT
GET H3	200	audio_2x.png www.gstatic.com/recaptcha/api2/ Frame D250	530 B 554 B	39ms 37ms	Image image/png	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/audio_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 22 Aug 2022 23:42:15 GMT x-content-type-options nosniff age 196183 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 530 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 29 Aug 2022 23:42:15 GMT
GET H3	200	info_2x.png www.gstatic.com/recaptcha/api2/ Frame D250	665 B 689 B	41ms 40ms	Image image/png	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/info_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 16:37:52 GMT x-content-type-options nosniff age 135246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 665 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 30 Aug 2022 16:37:52 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D250	15 KB 15 KB	39ms 38ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 11:18:05 GMT x-content-type-options nosniff age 154433 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Aug 2023 11:18:05 GMT
GET H3	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D250	15 KB 15 KB	51ms 51ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 06:37:10 GMT x-content-type-options nosniff age 516888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15340 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:16 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 19 Aug 2023 06:37:10 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D250	15 KB 15 KB	39ms 39ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 18:59:48 GMT x-content-type-options nosniff age 126730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Aug 2023 18:59:48 GMT
GET H3	200	payload www.google.com/recaptcha/enterprise/ Frame D250	22 KB 22 KB	45ms 45ms	Image image/jpeg	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/recaptcha/enterprise/payload?p=06ANYolqt8t068H5bJxqztaJgIDfLdHbDS_bN6giYcVfzRldB6SjJdXjyOM1NnC2LK6Sl7Xxc6yPFYdEckGKFZVg4MVpzdah0mTUng5P9soFHR2h80vqfa19jE6Wt_nTW8ThpMi40rPHnDQpXuO7calIErm3eYSsZgErCJx1I2XlNOJ023DzYMq-7HH2QdU53YaVvEC3sEPA-woRI7L7NY41jhvYNPxuFdLw&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 483880642d2129abbacb4725e2b869527d68288d5572f2f0fd393a423695317f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 25 Aug 2022 06:11:58 GMT x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type image/jpeg cache-control private, max-age=30 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22206 x-xss-protection 1; mode=block expires Thu, 25 Aug 2022 06:11:58 GMT
POST H2	204	collect Show response m.clarity.ms/	0 48 B	92ms 92ms	XHR text/plain	20.120.124.64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://m.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus-f/s/0.6.39/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.120.124.64 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://fraud.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin https://fraud.net date Thu, 25 Aug 2022 06:12:02 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0